Win32/Adware.Virtumonde and Win32/PrivacyRemover.m64
BlueGreenOne
post Sep 1 2008, 06:41 AM
Post #1


Member
Posts: 20
OS: Windows XP



Hi geekstogo.com

My laptop has a warning message saying I have the two viruses listed in the topic title.

When I turn the computer on it gets to the point where I can see the desktop and the warning message and then it freezes and I have to switch it off by holding down the 'on' button. I am unable to access the internet.

I have managed to start it in safe mode and run a virus scan using McAfee which I am pretty sure was up to date before the computer was infected. However when I click 'fix' at the end of the virus scan McAfee shows an error message that it is unable to complete.

I have read some other postings saying to download files from the internet to kill the viruses but I have been unable to access the internet so far - though I could be doing something wrong or not trying to access the internet as I should.

What can I do? Can anyone help?

BlueGreenOne

kahdah
post Sep 1 2008, 09:21 AM
Post #2


GeekU Teacher
Posts: 10,079
From: Somewhere
OS: Windows xp home



Hello BlueGreenOne

Welcome to G2Go.
=====================
You can run this in safe mode.

Download OTScanIt.exe to your Desktop and double-click on it to extract the files. It will create a folder named OTScanIt on your desktop.

Note: You must be logged on to the system with an account that has Administrator privileges to run this program.
  • Close ALL OTHER PROGRAMS.
  • Open the OTScanIt folder and double-click on OTScanIt.exe to start the program (if you are running on Vista then right-click the program and choose Run as Administrator).
  • In the Drivers section click on Non-Microsoft.
  • Under Additional Scans click the checkboxes in front of the following items to select them:
      Reg - BotCheck
      File - Additional Folder Scans
      Rootkit Search - Yes
      Drivers - Non Microsoft
  • Do not change any other settings.
  • Now click the Run Scan button on the toolbar.
  • Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the Add Reply button and Copy/Paste the information back here. I will review it when it comes in. Make sure that the first line is code with brackets around it [] and that the last line is /code with brackets around it [].

If, after posting, the last line is not <End of Report> then the log is too big to fit into a single post and you will need to split it into multiple posts or attach it as a file.
BlueGreenOne
post Sep 1 2008, 10:03 AM
Post #3


Member
Posts: 20
OS: Windows XP



Hi kahdah

Thanks for the prompt response.

How would you suggest I access the internet whilst logged on as Administrator in safe mode?

I have tried by clicking on internet explorer but have been unable to do so. Should I try something else?

Regards

BlueGreenOne
kahdah
post Sep 1 2008, 10:15 AM
Post #4


GeekU Teacher
Posts: 10,079
From: Somewhere
OS: Windows xp home



Boot into Safe Mode With Networking and that will give you internet access.
BlueGreenOne
post Sep 1 2008, 10:40 AM
Post #5


Member
Posts: 20
OS: Windows XP



Hi kahdah

I thought I already attempted to access the internet that way but I will try again.

Am currently writing from work computer so will try to access the internet in safe mode with networking and let you know how I get on. Is there any other way I can try?

Thanks

BlueGreenOne
kahdah
post Sep 1 2008, 10:44 AM
Post #6


GeekU Teacher
Posts: 10,079
From: Somewhere
OS: Windows xp home



Yes, if you have a flash drive or a CD, just run the scan and save the file to the flash drive or CD.
Then post it or, better yet, attach it here in your next reply.
Then you won't have to have internet access at all.

Just mainly need to see the log.
BlueGreenOne
post Sep 2 2008, 02:10 AM
Post #7


Member
Posts: 20
OS: Windows XP



Hi Kahdah

I managed to open internet explorer in safe mode as administrator but I was unable to access the geekstogo website. I did a Google search for the OTScanlt.exe file but I was unable to access any website with that program.

I'll try and find another computer to load the program onto a CD and then put that in the laptop and run the scan.

I'll get back to you with the log from the scan.

BlueGreenOne
kahdah
post Sep 2 2008, 06:50 PM
Post #8


GeekU Teacher
Posts: 10,079
From: Somewhere
OS: Windows xp home



Ok.
BlueGreenOne
post Sep 5 2008, 02:24 AM
Post #9


Member
Posts: 20
OS: Windows XP



Hi Kahdah

I started the computer in safe mode with networking as administrator and attempted to upload the scan program from an email account but I was unable to logon to the email account.

I then copied the scan program to a CD. When I put the CD in the laptop's drive I was unable to open the program and no icon appeared on the desktop. The CD did not run automatically. I could see the little light that the CD was being read but it did not run. I repeated the process a number of times, each time starting the computer in safe mode and logging in as administrator. No success each time. I managed to start the laptop in safe mode with the DOS prompt but was unable to remember the command to view the contents of D: or run the program from D:

What's the next step?

BlueGreenOne
kahdah
post Sep 5 2008, 04:15 AM
Post #10


GeekU Teacher
Posts: 10,079
From: Somewhere
OS: Windows xp home



You will need to do this in your normal account in safe mode.
Are you saying that you cannot open the cd drive and copy the OT scan it folder from the cd onto the desktop?

You will need to first copy it then open it once it is on your desktop.
BlueGreenOne
post Sep 5 2008, 05:49 AM
Post #11


Member
Posts: 20
OS: Windows XP



I have tried to copy the files from the CD to the desktop. In my computer I right clicked on the D: icon, selected copy, and then right clicked on the desktop. When I attempt to open the file that was copied nothing happens.

In my computer I tried to expand the D: drive but nothing happened. I was unable to see what files were on the D: drive and so I was unable to copy them.

I will be offline for a few days so I will look for your next tip when I am next able to logon again.

Thanks
kahdah
post Sep 5 2008, 08:50 AM
Post #12


GeekU Teacher
Posts: 10,079
From: Somewhere
OS: Windows xp home



Okay, so you cannot open your CD drive to see the file?
See if you can run this file:

Please RIGHT-CLICK HERE and Save As (in IE it's "Save Target As", in FF it's "Save Link As") to download Silent Runners.
  • Save it to the desktop.
  • Run Silent Runners by double-clicking the "Silent Runners" icon on your desktop.
  • You will receive a prompt:
      Do you want to skip supplementary searches?
      click NO
  • If you receive an error just click OK and double-click it to run it again - sometimes it won't run as it's supposed to the first time but will in subsequent runs.
  • You will see a text file appear on the desktop - it's not done, let it run (it won't appear to be doing anything!)
  • Once you receive the prompt All Done!, open the text file on the desktop, copy that entire log, and paste it here.
*NOTE* If you receive any warning message about scripts, please choose to allow the script to run.
BlueGreenOne
post Sep 18 2008, 02:26 PM
Post #13


Member
Posts: 20
OS: Windows XP



Hi Kahdah

I have managed to run the program OTScanIt.

I will await your next update.

I have attached the txt file and also inserted the text from the scan as shown below:

CODE
OTScanIt logfile created on: 17/09/2008 21:52:16
OTScanIt by OldTimer - Version 1.0.18.0     Folder = C:\Documents and Settings\Administrator\Desktop\My Disc (D)\OTScanIt
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1022.37 Mb Total Physical Memory | 809.28 Mb Available Physical Memory | 79.16% Memory free
2.40 Gb Paging File | 2.30 Gb Available in Paging File | 95.85% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 105.05 Gb Total Space | 81.36 Gb Free Space | 77.44% Space Free | Partition Type: NTFS
Drive D: | 1.17 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: D63GDL2J
Current User Name: Administrator
Logged in as Administrator.
Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Whitelist: On

[Processes - Non-Microsoft Only]

[Win32 Services - Non-Microsoft Only]
(Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 18/02/2008 12:16:30 | Attr =    ]
(EvtEng) Intel(R) PROSet/Wireless Event Log [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Intel\Wireless\Bin\EvtEng.exe -> Intel Corporation [Ver = 10, 1, 1, 1 | Size = 114753 bytes | Modified Date = 01/05/2006 10:20:52 | Attr =    ]
(KodakCCS) Kodak Camera Connection Software [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\drivers\KodakCCS.exe -> Eastman Kodak Company [Ver = 1.1.5100.0 | Size = 301624 bytes | Modified Date = 19/02/2004 11:01:48 | Attr =    ]
(LVCOMSer) LVCOMSer [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\LogiShrd\LVCOMSER\LVComSer.exe -> Logitech Inc. [Ver = 1.0.5.1158 | Size = 186904 bytes | Modified Date = 19/10/2007 14:17:28 | Attr =    ]
(LVPrcSrv) Process Monitor [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\LogiShrd\LVMVFM\LVPrcSrv.exe -> Logitech Inc. [Ver = 11.5.0.1158 | Size = 141848 bytes | Modified Date = 19/10/2007 14:19:22 | Attr =    ]
(LVSrvLauncher) LVSrvLauncher [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\LogiShrd\SrvLnch\SrvLnch.exe -> Logitech Inc. [Ver = 11.5.0.1158 | Size = 141848 bytes | Modified Date = 19/10/2007 14:21:16 | Attr =    ]
(RegSrvc) Intel(R) PROSet/Wireless Registry Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Intel\Wireless\Bin\RegSrvc.exe -> Intel Corporation [Ver = 10, 1, 1, 1 | Size = 217164 bytes | Modified Date = 01/05/2006 10:20:26 | Attr =    ]
(S24EventMonitor) Intel(R) PROSet/Wireless Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Intel\Wireless\Bin\S24EvMon.exe -> Intel Corporation  [Ver = 10, 1, 1, 34 | Size = 540745 bytes | Modified Date = 01/05/2006 10:22:42 | Attr =    ]
(ScsiAccess) ScsiAccess [Win32_Own | Auto | Stopped] -> %SystemRoot%\system32\ScsiAccess.EXE ->  [Ver =  | Size = 181312 bytes | Modified Date = 04/02/2003 09:22:30 | Attr =    ]

[Driver Services - Non-Microsoft Only]
(APPDRV) APPDRV [Kernel | System | Stopped] -> %SystemRoot%\system32\drivers\APPDRV.SYS -> Dell Inc [Ver = 1, 0, 1, 1 | Size = 16128 bytes | Modified Date = 12/08/2005 18:50:46 | Attr =    ]
(ASCTRM) ASCTRM [Kernel | Auto | Stopped] -> %SystemRoot%\System32\drivers\asctrm.sys -> Windows (R) 2000 DDK provider [Ver = 5.00.2195.1 | Size = 8552 bytes | Modified Date = 14/11/2006 23:53:43 | Attr =    ]
(ATWPKT2) ATWPKT2 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\atwpkt2.sys -> America Online [Ver = 4.7.30.10                              | Size = 24960 bytes | Modified Date = 26/11/2007 20:09:46 | Attr =    ]
(DcCam) Kodak Camera Proxy [Kernel | System | Running] -> %SystemRoot%\system32\drivers\DcCam.sys -> Eastman Kodak Company [Ver = 1.5.0500.8 | Size = 36918 bytes | Modified Date = 05/12/2003 10:40:20 | Attr =    ]
(DcFpoint) DcFpoint [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\DcFpoint.sys -> Eastman Kodak Company [Ver = 1.5.0500.1 | Size = 61564 bytes | Modified Date = 30/09/2003 19:00:08 | Attr =    ]
(DCFS2K) Kodak DCFS2K Driver [Kernel | Auto | Stopped] -> %SystemRoot%\system32\drivers\DCFS2k.sys -> Eastman Kodak Company [Ver = 1.0.4100.2 | Size = 38737 bytes | Modified Date = 16/11/2003 20:50:06 | Attr =    ]
(DcLps) Legacy Polling Service [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\DcLps.sys -> Eastman Kodak Company [Ver = 1.5.0500.1 | Size = 8022 bytes | Modified Date = 30/09/2003 18:59:14 | Attr =    ]
(DcPTP) DcPTP [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\DcPtp.sys -> Eastman Kodak Company [Ver = 1.5.0500.8 | Size = 68182 bytes | Modified Date = 05/12/2003 10:48:34 | Attr =    ]
(DSproct) DSproct [Kernel | On_Demand | Stopped] -> %ProgramFiles%\Dell Support\GTAction\triggers\DSproct.sys -> GTek Technologies Ltd. [Ver = 1, 0, 0, 28 | Size = 4864 bytes | Modified Date = 10/01/2006 13:07:58 | Attr =    ]
(E100B) Intel(R) PRO Adapter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\e100b325.sys -> Intel Corporation [Ver = 5.41.22.0000 built by: WinDDK | Size = 117760 bytes | Modified Date = 17/08/2001 13:12:10 | Attr =    ]
(Exportit) Exportit [Kernel | System | Stopped] -> %SystemRoot%\system32\drivers\ExportIt.sys -> Eastman Kodak Company [Ver = 1.0.8900.0 | Size = 148529 bytes | Modified Date = 19/02/2004 09:23:46 | Attr =    ]
(FilterService) UVC Filter Service [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\lvuvcflt.sys -> Logitech Inc. [Ver = 11.5.0.1145 | Size = 23832 bytes | Modified Date = 12/10/2007 03:01:06 | Attr =    ]
(LVcKap) Logitech AEC Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\Lvckap.sys -> Logitech Inc. [Ver = 11.5.0.1158 | Size = 2109976 bytes | Modified Date = 19/10/2007 14:16:30 | Attr =    ]
(LVMVDrv) Logitech Machine Vision Engine Loader [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\LVMVdrv.sys -> Logitech Inc. [Ver = 11.5.0.1145 | Size = 2142488 bytes | Modified Date = 11/10/2007 19:59:02 | Attr =    ]
(lvpopflt) Logitech POP Suppression Filter [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\lvpopflt.sys -> Logitech Inc. [Ver = 11.5.0.1145 | Size = 1920920 bytes | Modified Date = 12/10/2007 02:59:12 | Attr =    ]
(LVPr2Mon) Logitech LVPr2Mon Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\LVPr2Mon.sys ->  [Ver =  | Size = 25624 bytes | Modified Date = 11/10/2007 19:59:24 | Attr =    ]
(LVUSBSta) Logitech USB Monitor Filter [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\LVUSBSta.sys -> Logitech Inc. [Ver = 11.5.0.1145 | Size = 41752 bytes | Modified Date = 12/10/2007 03:00:42 | Attr =    ]
(LVUVC) Logitech QuickCam Fusion(UVC) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\lvuvc.sys -> Logitech Inc. [Ver = 11.5.0.1145 | Size = 3647384 bytes | Modified Date = 12/10/2007 03:00:54 | Attr =    ]
(mraid35x) mraid35x [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\mraid35x.sys -> American Megatrends Inc. [Ver = 6.19 (XPClient.010817-1148) | Size = 17280 bytes | Modified Date = 17/08/2001 14:52:12 | Attr =    ]
(omci) OMCI WDM Device Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\omci.sys -> Dell Inc [Ver = 7, 1, 382, 0 | Size = 17153 bytes | Modified Date = 13/02/2004 17:46:00 | Attr =    ]
(rimmptsk) rimmptsk [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\rimmptsk.sys -> REDC [Ver = 1.0.0.6 | Size = 28544 bytes | Modified Date = 14/10/2005 16:40:18 | Attr =    ]
(rimsptsk) rimsptsk [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\rimsptsk.sys -> REDC [Ver = 1.00.01.12 | Size = 51328 bytes | Modified Date = 14/10/2005 16:40:18 | Attr =    ]
(rismxdp) Ricoh xD-Picture Card Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\rixdptsk.sys -> REDC [Ver = 1.00.02.04 | Size = 307968 bytes | Modified Date = 14/10/2005 16:40:18 | Attr =    ]
(s24trans) WLAN Transport [Kernel | Auto | Stopped] -> %SystemRoot%\system32\drivers\s24trans.sys -> Intel Corporation [Ver = 10, 1, 1, 3 | Size = 13568 bytes | Modified Date = 01/05/2006 10:52:02 | Attr =    ]
(Sparrow) Sparrow [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sparrow.sys -> Adaptec, Inc. [Ver = v2.0a (ReleaseBinaries.001205-1804) | Size = 19072 bytes | Modified Date = 17/08/2001 15:07:44 | Attr =    ]
(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\SynTP.sys -> Synaptics, Inc. [Ver = 8.2.4.6 08Mar06 | Size = 191872 bytes | Modified Date = 08/03/2006 19:35:10 | Attr =    ]

[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
AOLDialer -> %CommonProgramFiles%\AOL\ACS\AOLDial.exe [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe] -> AOL LLC [Ver = 4.7.30.10.UK.4.7.32.1 | Size = 71008 bytes | Modified Date = 07/12/2007 16:30:37 | Attr = R  ]
ATICCC -> %ProgramFiles%\ATI Technologies\ATI.ACE\CLI.exe ["C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay] -> ATI Technologies Inc. [Ver = 1.11.0.0 | Size = 45056 bytes | Modified Date = 02/01/2006 18:41:22 | Attr =    ]
CTSVolFE.exe -> %ProgramFiles%\Creative\Mixer\CTSVolFE.exe ["C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r] -> Creative Technology Ltd [Ver = 1.0.1.0 | Size = 57344 bytes | Modified Date = 23/02/2005 16:57:24 | Attr =    ]
DLA -> %SystemRoot%\system32\dla\DLACTRLW.EXE [C:\WINDOWS\System32\DLA\DLACTRLW.EXE] -> Sonic Solutions [Ver = 5.20.34a | Size = 127036 bytes | Modified Date = 13/06/2006 05:20:00 | Attr =    ]
HostManager -> %CommonProgramFiles%\AOL\1174427176\ee\aolsoftware.exe [C:\Program Files\Common Files\AOL\1174427176\ee\AOLSoftware.exe] -> America Online, Inc. [Ver = 1.5.6.1 | Size = 50736 bytes | Modified Date = 17/11/2006 14:21:49 | Attr =    ]
IntelWireless -> %ProgramFiles%\Intel\Wireless\Bin\iFrmewrk.exe ["C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless] -> Intel Corporation [Ver = 10, 1, 1, 19 | Size = 602182 bytes | Modified Date = 01/05/2006 10:28:26 | Attr =    ]
IntelZeroConfig -> %ProgramFiles%\Intel\Wireless\Bin\ZCfgSvc.exe ["C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"] -> Intel Corporation [Ver = 10, 1, 1, 45 | Size = 667718 bytes | Modified Date = 01/05/2006 10:28:06 | Attr =    ]
ISUSPM Startup -> %CommonProgramFiles%\InstallShield\UpdateService\ISUSPM.exe [C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup] -> InstallShield Software Corporation [Ver = 3, 10, 100, 1155 | Size = 221184 bytes | Modified Date = 27/07/2004 17:50:42 | Attr =    ]
ISUSScheduler -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe ["C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start] -> InstallShield Software Corporation [Ver = 3, 10, 100, 1155 | Size = 81920 bytes | Modified Date = 27/07/2004 17:50:18 | Attr =    ]
iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe ["C:\Program Files\iTunes\iTunesHelper.exe"] -> Apple Inc. [Ver = 7.6.1.9 | Size = 267048 bytes | Modified Date = 19/02/2008 14:10:32 | Attr =    ]
KernelFaultCheck ->  [%systemroot%\system32\dumprep 0 -k] -> File not found
LogitechCommunicationsManager -> %CommonProgramFiles%\LogiShrd\LComMgr\Communications_Helper.exe ["C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"] ->  [Ver =  | Size = 563984 bytes | Modified Date = 25/10/2007 17:33:22 | Attr =    ]
LogitechQuickCamRibbon -> %ProgramFiles%\Logitech\QuickCam\Quickcam.exe ["C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide] ->  [Ver =  | Size = 2178832 bytes | Modified Date = 25/10/2007 17:37:32 | Attr =    ]
lphca0wj0e779 -> %SystemRoot%\system32\lphca0wj0e779.exe [C:\WINDOWS\system32\lphca0wj0e779.exe] ->  [Ver =  | Size = 203776 bytes | Modified Date = 28/08/2008 22:06:59 | Attr =    ]
mcagent_exe -> %ProgramFiles%\McAfee.com\Agent\mcagent.exe [C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey] -> McAfee, Inc. [Ver = 8,0,237,0 | Size = 582992 bytes | Modified Date = 01/11/2007 19:12:38 | Attr =    ]
PCMService -> %ProgramFiles%\Dell\MediaDirect\PCMService.exe ["C:\Program Files\Dell\MediaDirect\PCMService.exe"] -> CyberLink Corp. [Ver = 4, 5, 0, 0 | Size = 184320 bytes | Modified Date = 22/08/2006 16:32:18 | Attr =    ]
QuickTime Task -> %ProgramFiles%\QuickTime\QTTask.exe ["C:\Program Files\QuickTime\QTTask.exe" -atboottime] -> Apple Inc. [Ver = 7.4.1 | Size = 385024 bytes | Modified Date = 01/02/2008 00:13:08 | Attr =    ]
RealTray -> %ProgramFiles%\Real\RealPlayer\realplay.exe [C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER] -> RealNetworks, Inc. [Ver = 6.0.9.584 | Size = 26112 bytes | Modified Date = 14/11/2006 23:53:41 | Attr =    ]
SigmatelSysTrayApp -> %SystemRoot%\stsystra.exe [stsystra.exe] -> SigmaTel, Inc. [Ver = 1.0.4995.1  nd446 cp1 | Size = 282624 bytes | Modified Date = 25/03/2006 00:30:44 | Attr =    ]
SiteAdvisor -> %ProgramFiles%\SiteAdvisor\6253\SiteAdv.exe [C:\Program Files\SiteAdvisor\6253\SiteAdv.exe] -> McAfee, Inc. [Ver = 2.3.0 | Size = 36904 bytes | Modified Date = 09/02/2007 05:37:22 | Attr =    ]
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_06\bin\jusched.exe ["C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe"] -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 36975 bytes | Modified Date = 10/11/2005 14:03:52 | Attr =    ]
SynTPEnh -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] -> Synaptics, Inc. [Ver = 8.2.4.6 08Mar06 | Size = 761947 bytes | Modified Date = 08/03/2006 19:48:02 | Attr =    ]
< RunOnceEx [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx ->
->  [] -> File not found
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
DellSupport -> %ProgramFiles%\Dell Support\DSAgnt.exe ["C:\Program Files\Dell Support\DSAgnt.exe" /startup] -> Gteko Ltd. [Ver = 2, 1, 3, 173 | Size = 389120 bytes | Modified Date = 16/07/2006 22:29:54 | Attr =    ]
ModemOnHold -> %ProgramFiles%\NetWaiting\netwaiting.exe [C:\Program Files\NetWaiting\netWaiting.exe] ->  [Ver =  | Size = 20480 bytes | Modified Date = 10/09/2003 03:24:00 | Attr =    ]
< Administrator Startup Folder > -> C:\Documents and Settings\Administrator\Start Menu\Programs\Startup ->
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
%AllUsersProfile%\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 7.0.5.2005092300 | Size = 29696 bytes | Modified Date = 23/09/2005 23:05:26 | Attr =    ]
%AllUsersProfile%\Start Menu\Programs\Startup\AOL 9.0 Tray Icon.lnk -> %ProgramFiles%\AOL 9.0\aoltray.exe -> America Online, Inc. [Ver = 9.00.001 | Size = 156784 bytes | Modified Date = 09/08/2006 13:14:38 | Attr =  H ]
%AllUsersProfile%\Start Menu\Programs\Startup\Digital Line Detect.lnk -> %ProgramFiles%\Digital Line Detect\DLG.exe -> BVRP Software [Ver = 1, 0, 0, 1 | Size = 24576 bytes | Modified Date = 29/10/2003 03:06:00 | Attr =    ]
%AllUsersProfile%\Start Menu\Programs\Startup\Google Updater.lnk -> %ProgramFiles%\Google\Google Updater\GoogleUpdater.exe -> Google [Ver = 2.2.969.23408.beta | Size = 126136 bytes | Modified Date = 29/11/2007 22:00:35 | Attr =    ]
%AllUsersProfile%\Start Menu\Programs\Startup\Kodak EasyShare software.lnk -> %ProgramFiles%\Kodak\Kodak EasyShare software\bin\EasyShare.exe -> Eastman Kodak Company [Ver = 2, 0, 21, 57 | Size = 635019 bytes | Modified Date = 27/04/2004 03:04:44 | Attr =    ]
%AllUsersProfile%\Start Menu\Programs\Startup\Kodak software updater.lnk -> %ProgramFiles%\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe ->  [Ver =  | Size = 16423 bytes | Modified Date = 11/02/2004 17:58:16 | Attr =    ]
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> %SystemRoot%\explorer.exe -> Microsoft Corporation [Ver = 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234) | Size = 1033216 bytes | Modified Date = 13/06/2007 11:23:07 | Attr =    ]
*MultiFile Done* -> ->
*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit ->
C:\WINDOWS\system32\userinit.exe -> %SystemRoot%\system32\userinit.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 24576 bytes | Modified Date = 10/08/2004 06:00:00 | Attr =    ]
*MultiFile Done* -> ->
*UIHost* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost ->
logonui.exe -> %SystemRoot%\system32\logonui.exe -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 514560 bytes | Modified Date = 10/08/2004 06:00:00 | Attr =    ]
*MultiFile Done* -> ->
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
rundll32 shell32 -> %SystemRoot%\system32\shell32.dll -> Microsoft Corporation [Ver = 6.00.2900.3241 (xpsp_sp2_qfe.071025-1245) | Size = 8460288 bytes | Modified Date = 26/10/2007 04:34:01 | Attr =    ]
Control_RunDLL "sysdm.cpl" -> %SystemRoot%\system32\sysdm.cpl -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 298496 bytes | Modified Date = 10/08/2004 06:00:00 | Attr =    ]
*MultiFile Done* -> ->
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
AtiExtEvent -> %SystemRoot%\system32\ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4133 | Size = 61440 bytes | Modified Date = 23/05/2006 15:00:44 | Attr =    ]
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ not found. -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticecaption ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\legalnoticetext ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\undockwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\InstallVisualStyle -> %SystemRoot%\Resources\Themes\Royale\Royale.mss [C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\InstallTheme -> %SystemRoot%\Resources\Themes\Royale.the [C:\WINDOWS\Resources\Themes\Royale.theme] -> File not found
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
Reg Error: Key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ not found. -> ->
< CDROM Autorun Setting > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\ -> ->
*DependOnGroup* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DependOnGroup ->
SCSI miniport ->  -> File not found
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ErrorControl -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Group -> SCSI CDROM Class ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Start -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Tag -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\Type -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\DisplayName -> CD-ROM Driver ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\ImagePath -> %SystemRoot%\system32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 49536 bytes | Modified Date = 10/08/2004 06:00:00 | Attr =    ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun -> 1 ->
*AutoRunAlwaysDisable* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRunAlwaysDisable ->
NEC     MBR-7    ->  -> File not found
NEC     MBR-7.4  ->  -> File not found
PIONEER CHANGR DRM-1804X ->  -> File not found
PIONEER CD-ROM DRM-6324X ->  -> File not found
PIONEER CD-ROM DRM-624X  ->  -> File not found
TORiSAN CD-ROM CDR_C36 ->  -> File not found
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum\ -> ->
< Drives with AutoRun files > ->  ->
AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] ->  [Ver =  | Size = 0 bytes | Modified Date = 16/08/2005 05:43:04 | Attr =    ]
< HOSTS File > (734 bytes and 19 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
127.0.0.1       localhost
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://www1.euro.dell.com/content/default.aspx?c=uk&l=en&s=gen ->
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://www.google.com/ie ->
HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://www1.euro.dell.com/content/default.aspx?c=uk&l=en&s=gen ->
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\Default_Search_URL -> http://www.google.com/ie ->
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://www.google.com/ie ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\Default_Page_URL -> www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=4061114 ->
HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\Search Bar -> http://www.google.co.uk/hws/sb/dell-usuk/en/side.html?channel=uk ->
HKEY_CURRENT_USER\: Main\\Search Page -> http://www.google.co.uk/hws/sb/dell-usuk/en/side.html?channel=uk ->
HKEY_CURRENT_USER\: Main\\Start Page -> www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=4061114 ->
HKEY_CURRENT_USER\: ProxyEnable -> 0 ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
objects_aol.com [*] -> Out of zone range - ( 5 ) ->
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{02478D38-C3F9-4EFB-9B51-7695ECA05670} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar Helper] -> Yahoo! Inc. [Ver = 2006, 10, 26, 1 | Size = 440384 bytes | Modified Date = 26/10/2006 10:28:40 | Attr =    ]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.7.2006011200 | Size = 63128 bytes | Modified Date = 12/01/2006 21:38:22 | Attr =    ]
{089FD14D-132B-48FC-8861-0048AE113215} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\SiteAdvisor\6261\SiteAdv.dll [Reg Error: Value  does not exist or could not be read.] ->  [Ver =  | Size = 927008 bytes | Modified Date = 16/05/2008 17:49:40 | Attr =    ]
{22BF413B-C6D2-4d91-82A9-A0F997BA588C} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (mastermind)] -> Skype Technologies S.A. [Ver = 2, 2, 0, 117 | Size = 1312040 bytes | Modified Date = 13/09/2007 13:31:40 | Attr =    ]
{377C180E-6F0E-4D4C-980F-F45BD3D40CF4} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\McAfee\MSK\mcapbho.dll [McAfee Phishing Filter] ->  [Ver =  | Size = 324936 bytes | Modified Date = 26/11/2007 10:46:10 | Attr =    ]
{5CA3D70E-1895-11CF-8E15-001234567890} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\dla\DLASHX_W.DLL [DriveLetterAccess] -> Sonic Solutions [Ver = 5.20.34a | Size = 110652 bytes | Modified Date = 13/06/2006 05:20:00 | Attr =    ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.5.0_06\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 184423 bytes | Modified Date = 10/11/2005 14:22:12 | Attr =    ]
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\McAfee\VirusScan\scriptsn.dll [scriptproxy] -> McAfee, Inc. [Ver = VSCORE.14.0.0.366.x86 | Size = 58688 bytes | Modified Date = 09/11/2007 12:09:08 | Attr =    ]
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar1.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 29/11/2007 22:01:11 | Attr = R  ]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll [Google Toolbar Notifier BHO] -> Google Inc. [Ver = 3, 0, 1225, 9868 | Size = 734704 bytes | Modified Date = 25/04/2008 12:37:53 | Attr =    ]
{CA6319C0-31B7-401E-A518-A07C3DB8F777} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\BAE\BAE.dll [CBrowserHelperObject Object] -> Dell Inc. [Ver = 1.1.0.1 | Size = 94208 bytes | Modified Date = 30/08/2006 19:40:20 | Attr =    ]
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{0BF43445-2F28-4351-9252-17FE6E806AA0} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\SiteAdvisor\6261\SiteAdv.dll [McAfee SiteAdvisor] ->  [Ver =  | Size = 927008 bytes | Modified Date = 16/05/2008 17:49:40 | Attr =    ]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar1.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 29/11/2007 22:01:11 | Attr = R  ]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> Yahoo! Inc. [Ver = 2006, 10, 26, 1 | Size = 440384 bytes | Modified Date = 26/10/2006 10:28:40 | Attr =    ]
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar1.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 29/11/2007 22:01:11 | Attr = R  ]
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.5.0_06\bin\NPJPI150_06.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 69746 bytes | Modified Date = 10/11/2005 14:22:12 | Attr =    ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.5.0_06\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 184423 bytes | Modified Date = 10/11/2005 14:22:12 | Attr =    ]
{77BF5300-1474-4EC7-9980-D32B190E9B07}:{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype] -> Skype Technologies S.A. [Ver = 2, 2, 0, 117 | Size = 1312040 bytes | Modified Date = 13/09/2007 13:31:40 | Attr =    ]
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.5.0_06\bin\NPJPI150_06.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 69746 bytes | Modified Date = 10/11/2005 14:22:12 | Attr =    ]
CmdMapping\\{77BF5300-1474-4EC7-9980-D32B190E9B07} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [Skype add-on (button)] -> Skype Technologies S.A. [Ver = 2, 2, 0, 117 | Size = 1312040 bytes | Modified Date = 13/09/2007 13:31:40 | Attr =    ]
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
&Google Search -> %ProgramFiles%\Google\GoogleToolbar1.dll -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 29/11/2007 22:01:11 | Attr = R  ]
&Translate English Word -> %ProgramFiles%\Google\GoogleToolbar1.dll -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 29/11/2007 22:01:11 | Attr = R  ]
Backward Links -> %ProgramFiles%\Google\GoogleToolbar1.dll -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 29/11/2007 22:01:11 | Attr = R  ]
Cached Snapshot of Page -> %ProgramFiles%\Google\GoogleToolbar1.dll -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 29/11/2007 22:01:11 | Attr = R  ]
Similar Pages -> %ProgramFiles%\Google\GoogleToolbar1.dll -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 29/11/2007 22:01:11 | Attr = R  ]
Translate Page into English -> %ProgramFiles%\Google\GoogleToolbar1.dll -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 29/11/2007 22:01:11 | Attr = R  ]
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
< User Agent Post Platform [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform ->
SV1 ->  ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{22AA88E8-4F78-4F77-9635-F6A917631444} ->    (Intel(R) PRO/Wireless 3945ABG Network Connection) ->
{9780DF78-19DF-40D5-A177-158FE27C69BD} ->    (1394 Net Adapter) ->
{A78B59C0-3FF0-4F35-9D87-E3024E93F06C} ->    (Windows Mobile-based Device) ->
{BFD52C6D-0112-46E7-8DC3-03080EFB66D7} ->    (Windows Mobile-based Device) ->
{D13A102F-8108-4700-9812-43C4D0AE39D4} ->    () ->
{EDAC22B1-20DE-4995-897A-29505AA2BA54} ->    (Broadcom 440x 10/100 Integrated Controller) ->
< Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ ->
NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -> %ProgramFiles%\Bonjour\mdnsNSP.dll -> Apple Inc. [Ver = 1,0,4,12 | Size = 147456 bytes | Modified Date = 24/07/2007 16:17:08 | Attr =    ]
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
siteadvisor:{3A5DC592-7723-4EAA-9EE6-AF4222BCF879} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\SiteAdvisor\6261\SiteAdv.dll[Reg Error: Value  does not exist or could not be read.] ->  [Ver =  | Size = 927008 bytes | Modified Date = 16/05/2008 17:49:40 | Attr =    ]
skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Skype\Skype4COM.dll[IEProtocolHandler Class] -> Skype Technologies [Ver = 1, 0, 27, 2 | Size = 1828176 bytes | Modified Date = 13/09/2007 13:31:38 | Attr = R  ]
< Protocol Filters [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ ->
application/x-internet-signup:{A173B69A-1F9B-4823-9FDA-412F641E65D6}[HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll[INSMimeFilterPP Class] ->  [Ver = 1, 0,