slow browsing.

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

mohan55

Thread Starter
Joined
Sep 30, 2005
Messages
75
The problem with my computer is that while browsing say "Yahoo.com" to check my mail The page opens and the progress bar moves fast initialy and half way down it just stalls on and on ...for quite sometime before it completes its work. When checking my html mails it takes quite a long to finish it. Sometimes a message displays "Timeout or something like that. Now i did a cleanup 40 and "ewido scan "in safe mode.I also run a online "kaspersky.All these showed clear."Here is my hjt log. Pl help.

Logfile of HijackThis v1.99.1
Scan saved at 2:08:28 PM, on 12/23/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
E:\Program Files\ewido\security suite\ewidoctrl.exe
E:\Program Files\Palick Soft\HDD Temperature\HDDTsvc.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Common Files\Real\Update_OB\realsched.exe
E:\WINDOWS\system32\qttask.exe
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
E:\Program Files\r2 Studios\Copycat\Copycat.exe
E:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
E:\Program Files\Hijackthis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - E:\Program Files\Yahoo!\Common\yiesrvc.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] E:\WINDOWS\system32\qttask.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Copycat] "E:\Program Files\r2 Studios\Copycat\Copycat.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "E:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe" -quiet
O8 - Extra context menu item: E&xport to Microsoft Office Excel - res://E:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - E:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: E:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/k...an_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - E:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1131385450566
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1131612354024
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - E:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: HDD Temperature (HDDTService) - PalickSoft - E:\Program Files\Palick Soft\HDD Temperature\HDDTsvc.exe

Quote | Quick Reply
mohan55
View Public Profile
Send a private message to mohan55
Send email to mohan55
Find all posts by mohan55
Add mohan55 to Your Buddy List
#2 Report Post to Moderators
23-Dec-2005, 09:45 AM
imidiot imidiot is online now
Senior Member
 
Joined
May 13, 2005
Messages
4,699
Hi there, i believe i see a bad file --> i would like to confirm this.

Please visit http://virusscan.jotti.org/
Click on Browse... and navigate to the following file: E:\Program Files\r2 Studios\Copycat\Copycat.exe
Click Open
Please let me know the results.

Thanks
David
 

mohan55

Thread Starter
Joined
Sep 30, 2005
Messages
75
Here is the report.

Jotti's malware scan 2.99-TRANSITION_TO_3.00
File to upload & scan: Virus

Service
Service load:
0% 100%
File: Copycat.exe
Status:
OK (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5 0269201525e62f91a8c77c0004f96358
Packers detected:
-
Scanner results
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
Fortinet
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
UNA
Found nothing
VBA32
Found nothing

Powered by
images/antivir.png images/arcabit.png images/avast.png images/avg.gif images/bitdefender.png images/clamav-logo1.png images/drweb.gif images/f-prot.png images/fortinet.gif images/kaspersky.png images/nod32.gif images/norman.png images/una_logo.jpg images/vba32.png
Disclaimer
This service is by no means 100% safe. If this scanner says 'OK', it does not necessarily mean the file is clean. There could be a whole new virus on the loose. NEVER EVER rely on one single product only, not even this service, even though it utilizes several products. Therefore, We cannot and will not be held responsible for any damage caused by results presented by this non-profit online service.

Also, we are aware of the implications of a setup like this. We are sure this whole thing is by no means scientifically correct, since this is a fully automated service (although manual correction is possible). We are aware, in spite of efforts to proactively counter these, false positives might occur, for example. We do not consider this a very big issue, so please do not e-mail us about it. This is a simple online scan service, not the university of Wichita.

Scanning can take a while, since several scanners are being used, plus the fact some scanners use very high levels of (time consuming) heuristics. Scanners used are Linux versions, differences with Windows scanners may or may not occur. Another note: some scanners will only report one virus when scanning archives with multiple pieces of malware.

Virus definitions are updated every hour. There is a 15Mb limit per file. Please refrain from uploading tons of hex-edited or repacked variants of the same sample.

Please do not ask for viruses uploaded here, unless you work for an anti-virus vendor. They are not for trade. This is a legitimate service, not a VX site. Viruses uploaded here will be distributed to antivirus vendors without exception. If you do not want your files to be distributed, please do not send them at all.

Sponsored by donations (in random order) from: Stormbyte Technologies LLC, The ClamAV project, James Love, Gideon Pertzov, Malcolm Murray, Nigel Thomas, Wendy Dickerson, Anthony Midmore, "ethereal", Mark Rubins, Steve S., Eric Johansen, Eric Schechter, Paul Bokel, Wilders Security, Wilfried Lilie, Prevx, SonicWALL, Lance Mueller, Ewido networks, and some people who prefer to remain anonymous... many thanks to all!

Statistics
Last file scanned at least one scanner reported something about: mvplocator.zip, detected by:

Scanner Malware name
AntiVir X
ArcaVir X
Avast Win32:Sepuf
AVG Antivirus X
BitDefender Trojan.NTPacker
ClamAV X
Dr.Web X
F-Prot Antivirus X
Fortinet X
Kaspersky Anti-Virus Trojan-Dropper.Win32.Delf.rc
NOD32 X
Norman Virus Control X
UNA X
VBA32 Embedded.Trojan-Dropper.Win32.Delf.rc


You're free to (mis)interpret these automated, flawed statistics at your own discretion. For antivirus comparisons, visit AV comparatives
We are not affiliated with any third parties that conduct tests using this service.



Frequently asked questions - Feedback

Debian Valid HTML 4.01!

Page generated by JTPL

Copyright © 2004-2005 Jordi Bosveld <[email protected]>
 
Joined
May 13, 2005
Messages
4,699
Download WinPFind!
  • Extract WinPFind.zip to your c:\ folder.
  • Reboot your computer into Safe Mode
  • Then open c:\WinPFind and double-click on WinPFind.exe.
  • When the program is open, click on the Start Scan button to start scanning your computer.
  • Be patient as this scan may take a while. When it is done, it will show a log and tell you the scan is completed.
  • Reboot your computer back to normal mode and and post the contents of c:\WinPFind\WinPFind.txt as a reply to this topic.
 

mohan55

Thread Starter
Joined
Sep 30, 2005
Messages
75
WARNING: not all files found by this scanner are bad. Consult with a knowledgable person before proceeding.

If you see a message in the titlebar saying "Not responding..." you can ignore it. Windows somethimes displays this message due to the high volume of disk I/O. As long as the hard disk light is flashing, the program is still working properly.

»»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Product Name: Microsoft Windows XP Current Build: Service Pack 2 Current Build Number: 2600
Internet Explorer Version: 6.0.2900.2180

»»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»»

Checking %SystemDrive% folder...

Checking %ProgramFilesDir% folder...

Checking %WinDir% folder...
UPX! 1/8/2006 12:34:08 PM 234438656 E:\WINDOWS\MEMORY.DMP
FSG! 1/8/2006 12:34:08 PM 234438656 E:\WINDOWS\MEMORY.DMP
PEC2 1/8/2006 12:34:08 PM 234438656 E:\WINDOWS\MEMORY.DMP
Umonitor 1/8/2006 12:34:08 PM 234438656 E:\WINDOWS\MEMORY.DMP
qoologic 1/8/2006 12:34:08 PM 234438656 E:\WINDOWS\MEMORY.DMP
aspack 1/8/2006 12:34:08 PM 234438656 E:\WINDOWS\MEMORY.DMP
abetterinternet.com 1/8/2006 12:34:08 PM 234438656 E:\WINDOWS\MEMORY.DMP
ad-w-a-r-e.com 1/8/2006 12:34:08 PM 234438656 E:\WINDOWS\MEMORY.DMP
UPX! 5/3/2005 11:44:44 AM 25157 E:\WINDOWS\RMAgentOutput.dll
UPX! 1/10/2005 4:17:24 PM 170053 E:\WINDOWS\tsc.exe
UPX! 12/2/2003 5:00:10 AM 45056 E:\WINDOWS\Unwash5.exe

Checking %System% folder...
PEC2 8/4/2004 1:07:00 AM 41397 E:\WINDOWS\SYSTEM32\dfrg.msc
winsync 8/4/2004 1:07:00 AM 1309184 E:\WINDOWS\SYSTEM32\wbdbase.deu
aspack 8/4/2004 1:07:00 AM 708096 E:\WINDOWS\SYSTEM32\ntdll.dll
PECompact2 1/4/2006 7:46:40 PM 2827616 E:\WINDOWS\SYSTEM32\MRT.exe
aspack 1/4/2006 7:46:40 PM 2827616 E:\WINDOWS\SYSTEM32\MRT.exe
Umonitor 8/4/2004 1:07:00 AM 657920 E:\WINDOWS\SYSTEM32\rasdlg.dll
PTech 7/12/2005 6:04:22 PM 520456 E:\WINDOWS\SYSTEM32\LegitCheckControl.dll
UPX! 12/20/2005 4:21:38 PM 481280 E:\WINDOWS\SYSTEM32\aswBoot.exe

Checking %System%\Drivers folder and sub-folders...
PTech 8/3/2004 10:41:38 PM 1309184 E:\WINDOWS\SYSTEM32\drivers\mtlstrm.sys

Items found in E:\WINDOWS\SYSTEM32\drivers\etc\hosts


Checking the Windows folder and sub-folders for system and hidden files within the last 60 days...
1/5/2006 11:17:58 AM H 54156 E:\WINDOWS\QTFont.qfn
1/13/2006 5:39:38 PM S 2048 E:\WINDOWS\bootstat.dat
1/6/2006 7:40:06 PM RH 749 E:\WINDOWS\WindowsShell.Manifest
1/6/2006 7:40:06 PM RH 749 E:\WINDOWS\system32\cdplayer.exe.manifest
1/6/2006 7:40:20 PM RH 488 E:\WINDOWS\system32\WindowsLogon.manifest
1/6/2006 7:40:06 PM RH 749 E:\WINDOWS\system32\ncpa.cpl.manifest
1/6/2006 7:40:06 PM RH 749 E:\WINDOWS\system32\nwc.cpl.manifest
1/6/2006 7:40:06 PM RH 749 E:\WINDOWS\system32\sapi.cpl.manifest
1/6/2006 7:40:06 PM RH 749 E:\WINDOWS\system32\wuaucpl.cpl.manifest
1/6/2006 7:40:20 PM RH 488 E:\WINDOWS\system32\logonui.exe.manifest
1/13/2006 3:49:28 PM H 802816 E:\WINDOWS\system32\config\system.LOG
1/13/2006 3:49:28 PM H 143360 E:\WINDOWS\system32\config\software.LOG
1/13/2006 3:49:28 PM H 8192 E:\WINDOWS\system32\config\default.LOG
1/6/2006 7:44:06 PM H 1024 E:\WINDOWS\system32\config\userdiff.LOG
1/6/2006 7:14:40 PM H 1024 E:\WINDOWS\system32\config\TempKey.LOG
1/13/2006 5:40:06 PM H 1024 E:\WINDOWS\system32\config\SAM.LOG
1/13/2006 5:39:40 PM H 16384 E:\WINDOWS\system32\config\SECURITY.LOG
1/6/2006 7:44:06 PM H 1024 E:\WINDOWS\system32\config\userdifr.LOG
1/13/2006 1:24:24 PM H 1024 E:\WINDOWS\system32\config\systemprofile\ntuser.dat.LOG
1/6/2006 7:55:02 PM HS 67 E:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\4CVKFAE9\desktop.ini
1/6/2006 7:55:02 PM HS 67 E:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\YJ22WXIP\desktop.ini
1/6/2006 7:55:02 PM HS 67 E:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OQZY6L9D\desktop.ini
1/6/2006 7:55:02 PM HS 67 E:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\NDRI4PTE\desktop.ini
12/4/2005 12:57:00 PM S 144 E:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\E6024EAC88E6B6165D49FE3C95ADD735
12/4/2005 12:57:00 PM S 558 E:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\E6024EAC88E6B6165D49FE3C95ADD735
1/3/2006 3:09:36 AM S 11223 E:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB912919.cat
12/1/2005 8:17:10 AM S 21633 E:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB905915.cat
12/2/2005 4:12:48 AM S 10925 E:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB910437.cat
1/6/2006 7:43:26 PM H 274432 E:\WINDOWS\repair\ntuser.dat
1/6/2006 7:41:46 PM HS 67 E:\WINDOWS\Fonts\desktop.ini
1/8/2006 1:38:18 PM H 490736 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\6d23b8f719dc5412ac7aeb7db3387c36\BIT145.tmp
1/8/2006 1:40:22 PM H 477936 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\901d98c899726f2d1e49c234329550a9\BIT146.tmp
1/8/2006 1:33:26 PM H 0 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\a10059c9324422cfcb0f7ef897dbfc6d\BIT147.tmp
1/8/2006 1:40:26 PM H 151105 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\550b1142f7e1f8ec32b1cdb4c5b12158\BIT148.tmp
1/8/2006 1:33:36 PM H 0 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\05844d04ccfc746aa3dd67203520987a\BIT149.tmp
1/8/2006 1:33:40 PM H 0 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\c2127dcc8bf292b100f1f5c57af251dd\BIT14A.tmp
1/8/2006 1:33:46 PM H 0 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\e0dc0b83689ce7b61aec9a92ab403ff5\BIT14B.tmp
1/8/2006 1:33:50 PM H 0 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\cf6711df6004b507aee20e828abd0934\BIT14C.tmp
1/8/2006 1:33:54 PM H 0 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\837ee431df87226c3788bde39d0fd5c6\BIT14D.tmp
1/8/2006 1:40:26 PM H 0 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\9068529eb9ffcb0374073e28df2ec7a6\BIT14E.tmp
1/8/2006 1:34:00 PM H 0 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\12872a4fd5ad52aafc9035961c16e563\BIT14F.tmp
1/8/2006 1:34:04 PM H 0 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\be72c3b46431532aa2193569e516ebe6\BIT150.tmp
1/8/2006 1:34:06 PM H 0 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\79a472c662fcaea1ff845b3a03de2d4f\BIT151.tmp
1/8/2006 1:40:28 PM H 0 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\0da4d07f1c0daddae341154d5c5618e8\BIT152.tmp
1/8/2006 1:34:12 PM H 0 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\e248e6e6cf7cf235ca9adad589c1947a\BIT153.tmp
1/8/2006 1:34:14 PM H 0 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\87984ff3f5f258c3fb76f77aed6cd4ee\BIT154.tmp
1/8/2006 1:34:18 PM H 0 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\9c6a857a536c230a49190993fc1c2a15\BIT155.tmp
1/8/2006 1:34:20 PM H 0 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\044a6f562ca5290509d799bf41a52aed\BIT156.tmp
1/8/2006 1:40:28 PM H 0 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\2fd1475c658b5f3d7119d195bcf03673\BIT157.tmp
1/8/2006 1:34:26 PM H 0 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\474a8084e7d71c0382393b235ac66fb0\BIT158.tmp
1/8/2006 1:34:28 PM H 0 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\e8aaf3d0f5a2a9436cb55a74f4d86214\BIT159.tmp
1/8/2006 1:34:32 PM H 0 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\bd0c48d4592ffe3631c19bd04a50ac18\BIT15A.tmp
1/8/2006 1:40:28 PM H 0 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\c9ca23e0db0bf40b7c223d3803986f23\BIT15B.tmp
1/8/2006 1:34:38 PM H 0 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\088cc7a2d384933a5ebb143795c0edd5\BIT15C.tmp
1/8/2006 1:34:42 PM H 0 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\0f034613258cda0f8c8da15d1b762ae0\BIT15D.tmp
1/8/2006 1:34:44 PM H 0 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\e2b4d3fe99fff743f9d3d64ed7c7e582\BIT15E.tmp
1/8/2006 1:34:48 PM H 0 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\a457e75c5a9739cc361e8142d870bb7f\BIT15F.tmp
1/8/2006 1:34:50 PM H 0 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\2991f70fec08210a301ba3d28684d595\BIT160.tmp
1/9/2006 10:55:24 AM H 1101152 E:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\d15ea133e7c4dfa84ed836a4b565d9d3\BIT2C.tmp
1/13/2006 3:49:14 PM H 6 E:\WINDOWS\Tasks\SA.DAT
1/6/2006 7:40:20 PM H 65 E:\WINDOWS\Downloaded Program Files\desktop.ini
1/6/2006 7:40:20 PM H 65 E:\WINDOWS\Offline Web Pages\desktop.ini

Checking for CPL files...
Microsoft Corporation 5/26/2005 4:16:30 AM 174360 E:\WINDOWS\SYSTEM32\wuaucpl.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 358400 E:\WINDOWS\SYSTEM32\inetcpl.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 187904 E:\WINDOWS\SYSTEM32\main.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 380416 E:\WINDOWS\SYSTEM32\irprops.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 36864 E:\WINDOWS\SYSTEM32\nwc.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 298496 E:\WINDOWS\SYSTEM32\sysdm.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 28160 E:\WINDOWS\SYSTEM32\telephon.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 148480 E:\WINDOWS\SYSTEM32\wscui.cpl
Apple Computer, Inc. 12/18/2001 8:04:20 PM 287232 E:\WINDOWS\SYSTEM32\QuickTime.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 110592 E:\WINDOWS\SYSTEM32\bthprops.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 25600 E:\WINDOWS\SYSTEM32\netsetup.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 155136 E:\WINDOWS\SYSTEM32\hdwwiz.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 257024 E:\WINDOWS\SYSTEM32\nusrmgr.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 549888 E:\WINDOWS\SYSTEM32\appwiz.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 135168 E:\WINDOWS\SYSTEM32\desk.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 35840 E:\WINDOWS\SYSTEM32\ncpa.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 80384 E:\WINDOWS\SYSTEM32\firewall.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 129536 E:\WINDOWS\SYSTEM32\intl.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 68608 E:\WINDOWS\SYSTEM32\joy.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 618496 E:\WINDOWS\SYSTEM32\mmsys.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 94208 E:\WINDOWS\SYSTEM32\timedate.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 32768 E:\WINDOWS\SYSTEM32\odbccp32.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 114688 E:\WINDOWS\SYSTEM32\powercfg.cpl
12/29/2002 1:14:38 AM 81920 E:\WINDOWS\SYSTEM32\Startup.cpl
Symantec Corporation 6/26/1998 6:26:00 PM 151040 E:\WINDOWS\SYSTEM32\S32LUCP1.CPL
Microsoft Corporation 8/4/2004 1:07:00 AM 36864 E:\WINDOWS\SYSTEM32\dllcache\nwc.cpl
Microsoft Corporation 8/4/2004 5:07:00 AM 68608 E:\WINDOWS\SYSTEM32\dllcache\access.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 32768 E:\WINDOWS\SYSTEM32\dllcache\odbccp32.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 549888 E:\WINDOWS\SYSTEM32\dllcache\appwiz.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 135168 E:\WINDOWS\SYSTEM32\dllcache\desk.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 80384 E:\WINDOWS\SYSTEM32\dllcache\firewall.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 155136 E:\WINDOWS\SYSTEM32\dllcache\hdwwiz.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 358400 E:\WINDOWS\SYSTEM32\dllcache\inetcpl.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 129536 E:\WINDOWS\SYSTEM32\dllcache\intl.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 68608 E:\WINDOWS\SYSTEM32\dllcache\joy.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 187904 E:\WINDOWS\SYSTEM32\dllcache\main.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 618496 E:\WINDOWS\SYSTEM32\dllcache\mmsys.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 35840 E:\WINDOWS\SYSTEM32\dllcache\ncpa.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 25600 E:\WINDOWS\SYSTEM32\dllcache\netsetup.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 257024 E:\WINDOWS\SYSTEM32\dllcache\nusrmgr.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 114688 E:\WINDOWS\SYSTEM32\dllcache\powercfg.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 155648 E:\WINDOWS\SYSTEM32\dllcache\sapi.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 298496 E:\WINDOWS\SYSTEM32\dllcache\sysdm.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 28160 E:\WINDOWS\SYSTEM32\dllcache\telephon.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 94208 E:\WINDOWS\SYSTEM32\dllcache\timedate.cpl
Microsoft Corporation 8/4/2004 1:07:00 AM 148480 E:\WINDOWS\SYSTEM32\dllcache\wscui.cpl
Microsoft Corporation 5/26/2005 4:16:30 AM 174360 E:\WINDOWS\SYSTEM32\dllcache\wuaucpl.cpl

»»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»»

Checking files in %ALLUSERSPROFILE%\Startup folder...
1/2/2006 10:51:28 AM 715 E:\Documents and Settings\All Users\Start Menu\Programs\Startup\Controller.LNK
1/6/2006 7:43:18 PM HS 84 E:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
1/12/2006 9:31:04 AM 285 E:\Documents and Settings\All Users\Start Menu\Programs\Startup\Detector.lnk

Checking files in %ALLUSERSPROFILE%\Application Data folder...
1/6/2006 7:19:50 PM HS 62 E:\Documents and Settings\All Users\Application Data\desktop.ini

Checking files in %USERPROFILE%\Startup folder...
4/10/2005 10:24:30 PM HS 84 E:\Documents and Settings\Mohan\Start Menu\Programs\Startup\desktop.ini

Checking files in %USERPROFILE%\Application Data folder...
4/10/2005 9:56:38 PM HS 62 E:\Documents and Settings\Mohan\Application Data\desktop.ini
1/13/2006 11:01:26 AM 104 E:\Documents and Settings\Mohan\Application Data\stats.mst

»»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»»

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
SV1 =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers]
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\avast
{472083B0-C522-11CF-8763-00608CC02F24} = E:\Program Files\Alwil Software\Avast4\ashShell.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\BriefcaseMenu
{85BBD920-42A0-1069-A2E4-08002B30309D} = syncui.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\DecExt
{a90d5ea0-a1d7-11cf-8dc1-00805fc2353f} = E:\tools\decext\decext.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\ewido
{57BD36D7-CE32-4600-9B1C-1A0C47EFC02E} = E:\Program Files\ewido\security suite\context.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Offline Files
{750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With
{09799AFB-AD67-11d1-ABCD-00C04FC30936} = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With EncryptionMenu
{A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Washer
{6EE51AA0-77A0-11D7-B4E1-000347126E46} = E:\PROGRA~1\COMMON~1\WEBROO~1\SHELLW~1.DLL
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Yahoo! Mail
{5464D816-CF16-4784-B9F3-75C0DB52B499} = E:\PROGRA~1\YAHOO!\COMMON\ymmapi.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
Start Menu Pin = %SystemRoot%\system32\SHELL32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\avast
{472083B0-C522-11CF-8763-00608CC02F24} = E:\Program Files\Alwil Software\Avast4\ashShell.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\BriefcaseMenu
{85BBD920-42A0-1069-A2E4-08002B30309D} = syncui.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu
{A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ewido
{57BD36D7-CE32-4600-9B1C-1A0C47EFC02E} = E:\Program Files\ewido\security suite\context.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Offline Files
{750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Sharing
{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = ntshrui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Washer
{6EE51AA0-77A0-11D7-B4E1-000347126E46} = E:\PROGRA~1\COMMON~1\WEBROO~1\SHELLW~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}
= %SystemRoot%\system32\SHELL32.dll

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Yahoo! Toolbar Helper = E:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
AcroIEHlprObj Class = E:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}
= E:\PROGRA~1\SPYBOT~1\SDHelper.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}
Yahoo! IE Services Button = E:\Program Files\Yahoo!\Common\yiesrvc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4528BBE0-4E08-11D5-AD55-00010333D0AD}
&Yahoo! Messenger = E:\PROGRA~1\YAHOO!\COMMON\yhexbmesus.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}
&Tip of the Day = %SystemRoot%\system32\shdocvw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} = Yahoo! Toolbar : E:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping
MenuText = :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}
ButtonText = Yahoo! Services :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}
ButtonText = Research :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}
ButtonText = Messenger : E:\Program Files\Messenger\msmsgs.exe

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478}
=
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E61-B078-11D0-89E4-00C04FC9E26E}
Favorites Band = %SystemRoot%\system32\shdocvw.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
{01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address : %SystemRoot%\system32\browseui.dll
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} = :
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
{01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address : %SystemRoot%\system32\browseui.dll
{0E5CBF21-D15F-11D0-8301-00AA005B4383} = &Links : %SystemRoot%\system32\SHELL32.dll
{EF99BD32-C1FB-11D2-892F-0090271D4F88} = Yahoo! Toolbar : E:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
TkBellExe "E:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
QuickTime Task E:\WINDOWS\system32\qttask.exe
Cmaudio RunDll32 cmicnfg.cpl,CMICtrlWnd
avast! E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
Copycat "E:\Program Files\r2 Studios\Copycat\Copycat.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
IMAIL Installed = 1
MAPI Installed = 1
MSFS Installed = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Yahoo! Pager "E:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
ADCRec E:\Program Files\XemiComputers\ADC Sound Recorder\ADCRec.exe
Window Washer C:\Program Files\Webroot\Washer\wwDisp.exe

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state
system.ini 0
win.ini 0
bootini 0
services 0
startup 0


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} = E:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} =
{0DF44EAA-FF21-4412-828E-260A8728E7F1} =


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
dontdisplaylastusername 0
legalnoticecaption
legalnoticetext
shutdownwithoutlogon 1
undockwithoutlogon 1


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
NoDriveTypeAutoRun 145
NoDrives 0
NoViewOnDrive 0

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
PostBootReminder {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll
CDBurn {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll
WebCheck {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = %SystemRoot%\system32\webcheck.dll
SysTray {35CEC8A3-2BE6-11D2-8773-92E220524153} = E:\WINDOWS\system32\stobject.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = E:\WINDOWS\system32\userinit.exe,
Shell = Explorer.exe
System =

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain
= crypt32.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet
= cryptnet.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll
= cscdll.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp
= wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule
= wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy
= sclgntfy.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn
= WlNotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv
= wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon
= wlnotify.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path
Debugger = ntsd -d

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLs


»»»»»»»»»»»»»»»»»»»»»»»» Scan Complete »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
WinPFind v1.4.1 - Log file written to "WinPFind.Txt" in the WinPFind folder.
Scan completed on 1/13/2006 9:06:10 PM
 

mohan55

Thread Starter
Joined
Sep 30, 2005
Messages
75
Dear Mr Trojanator,
I am waiting for your reply all these days.Pl look into my problem for my slow browsing,and appreciate for an early reply
 
Joined
May 13, 2005
Messages
4,699
Luckily i came across this and thanks for the PM. This must have slipped the net with my subscribed threads as i never knew this was here :(

I'll get onto replying :)

David
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top