« previous next »
Pages: [1]

Author Topic: Computer acting strangely  (Read 716 times)

Offline dbdonlon

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Computer acting strangely
« on: June 07, 2006, 11:22:27 AM »
My computer, a Dell Inspiron 700m, has never worked like it should.  I think it may just be a lemon, but maybe there's some bad virus like thing lurking on it.  I don't know very much about this kind of thing, but there's a new HijackThis list appended at the bottom of this message.

Among the problems I have -- Windows Update couldn't install about ten critical updates.  I had to install them manually.  I got nine of them to install that way (or at least, WU has stopped bothering me about them) but not the final update, which is this one:

Quote
Security Update for Windows XP (KB890859)
Typical download size: 1.3 MB , 1 minute
A security issue has been identified that could allow an attacker to remotely compromise your Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.  Details...
Just reading that makes me wonder if there isn't something stopping that particular update on purpose.  I have tried Googling to see if there's a common problem with that update, but I didn't find anything that I could understand.

Another problem I've had constantly is the "stop error".  I've tried any number of things to resolve this, including updating the BIOS.  (Though I just did that so maybe it worked).  The stop errors have occurred through various configurations of this machine.  I replaced the hard drive and added memory, swapped the original hard drive back in and took out the added memory and the stop errors continued.  I had understood that stop errors are commonly caused by hardware conflicts, but at the original configuration, there shouldn't be any conflicts should there?

So, is there anything in this HijackThis log that explains why my computer would be troubled?  Or should I focus on hardware issues?

Thanks for any help.

Quote
Logfile of HijackThis v1.99.1
Scan saved at 11:59:06 AM, on 6/7/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\WINDOWS\runservice.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\SpywareDetector\SDService.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Maxtor\Maxtor Quick Start\msssort.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\SpywareDetector\SDSystemTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\DELLSU~1\DSAgnt.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\ClickToConvert\C2CMonitor.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\dbd\Desktop\hijackthis\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.my.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [mssSort] C:\Program Files\Maxtor\Maxtor Quick Start\msssort.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [SystemTraySD] C:\Program Files\SpywareDetector\SDSystemTray.exe
O4 - HKLM\..\Run: [SDAutoLiveupdate] C:\Program Files\SpywareDetector\LiveUpdateSD.exe -AUTO
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [DellSupport] "C:\PROGRA~1\DELLSU~1\DSAgnt.exe" /startup
O4 - Global Startup: C2CMonitor.lnk = C:\Program Files\ClickToConvert\C2CMonitor.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1124567092375
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: SDNotify - C:\Program Files\SpywareDetector\SDNotify.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SDService - Max Secure Software  - C:\Program Files\SpywareDetector\SDService.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Computer acting strangely
« Reply #1 on: June 07, 2006, 12:07:06 PM »
Quote
Security Update for Windows XP (KB890859)
That update from Windows is removeable from add/remove programs
Can you just double check in add/remove to ensure it is not installed
If it is, remove it and reboot and then try and install it again

I've never used SpywareDetector, not sure how reliable the program is
Is it the free version?

When you visit windows updates and run the Express download option
Have your tried to disable SpywareDetectors'  and Nortons' protections so they won't interfere?
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline dbdonlon

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Computer acting strangely
« Reply #2 on: June 07, 2006, 03:50:23 PM »
The hotfix I mentioned before is in the list of installed hotfixes in the add/remove programs window.  I started to uninstall it, but it came up with a pretty extensive list of programs and hotfixes that it said "May no longer work properly" if I did.  So I am at a standstill on that one.

I have a pay version of Spyware Detector now.  I had been using Webroot's Spy Sweeper, but it runs a process that virtually takes over my computer from time to time.  I was looking for an alternative that wasn't so processor heavy.  I ran across a review of Spyware Detector and it seemed like a good alternative.  The review was from a computer magazine that had given the program an award.

One thing I had forgotten to mention is that Spy Sweeper seemed to cut down on the number of errors that crashed my computer, particularly the kind that don't give an error message, but only a corrupted screen and an unresponsive computer.  That happened again this afternoon after I posted the first message.

Just now, on a restart, my computer tried to update my monitor driver.  I stopped it from doing so and the monitor briefly danced between two representations of windows -- one looked normal and the other looked kind of like Windows95.
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Computer acting strangely
« Reply #3 on: June 07, 2006, 05:11:42 PM »
I'm not seeing much wrong with your log
Try a couple steps to see if it turns up anything

Download and save WinPFind.zip
UNZIP the contents to your desktop
Don't run it yet

RESTART your Computer into SAFE MODE
You can do this by tapping the F8 key as the system is restarting, just before Windows loads
Choose Safe mode from the startup menu and hit Enter

In safe mode
Open the WinPFind folder you extracted to desktop
Double click on WinPFind.exe

Click START SCAN
Let this finish, a log will open so you will know it's done
Close out after

Reboot back to Normal mode

Back in Windows
Post the results of the WindPFind.txt located in the WinPFind folder

additionally:
Download F-Secure Blacklight(blbeta.exe)
  to your root folder >>Normally C:\ drive
So you now have C:\blbeta.exe

    * Open a command window. (Start>Run and type: cmd)
    * Copy paste or type the following in the command window:

      C:\blbeta.exe /expert

    * Accept the user agreement.
    * Click Scan.
    * After the scan finishes, click on Next, then Exit.
Do not rename any files if found by blacklight, I need to see the log

BlackLight will create a log in your C:\ drive with the name "fsbl-xxxxxxx.log". Please post that log also.
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Offline dbdonlon

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Computer acting strangely
« Reply #4 on: June 08, 2006, 08:53:09 AM »
Doing the Blacklight scan now.  The WinPFind took all night to finish.  Here's the log:

WARNING: not all files found by this scanner are bad. Consult with a knowledgable person before proceeding.

If you see a message in the titlebar saying "Not responding..." you can ignore it. Windows somethimes displays this message due to the high volume of disk I/O. As long as the hard disk light is flashing, the program is still working properly.

»»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Product Name: Microsoft Windows XP    Current Build: Service Pack 2    Current Build Number: 2600
Internet Explorer Version: 6.0.2900.2180

»»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»»

Checking %SystemDrive% folder...
PTech                6/5/2006 11:23:24 PM    RHS 2835469    C:\MaxSecureDB.sdb

Checking %ProgramFilesDir% folder...

Checking %WinDir% folder...
UPX!                 6/7/2006 9:27:50 AM         518537216  C:\WINDOWS\MEMORY.DMP
FSG!                 6/7/2006 9:27:50 AM         518537216  C:\WINDOWS\MEMORY.DMP
Umonitor             6/7/2006 9:27:50 AM         518537216  C:\WINDOWS\MEMORY.DMP
aspack               6/7/2006 9:27:50 AM         518537216  C:\WINDOWS\MEMORY.DMP
PTech                6/7/2006 9:27:50 AM         518537216  C:\WINDOWS\MEMORY.DMP
ad-beh               6/7/2006 9:27:50 AM         518537216  C:\WINDOWS\MEMORY.DMP
abetterinternet.com  6/7/2006 9:27:50 AM         518537216  C:\WINDOWS\MEMORY.DMP
winsync              6/7/2006 9:27:50 AM         518537216  C:\WINDOWS\MEMORY.DMP
ad-w-a-r-e.com       6/7/2006 9:27:50 AM         518537216  C:\WINDOWS\MEMORY.DMP

Checking %System% folder...
PEC2                 8/4/2004 8:00:00 AM         41397      C:\WINDOWS\SYSTEM32\dfrg.msc
PTech                5/23/2006 5:26:00 PM        579888     C:\WINDOWS\SYSTEM32\LegitCheckControl.dll
PECompact2           5/3/2006 9:26:24 PM         5818784    C:\WINDOWS\SYSTEM32\MRT.exe
aspack               5/3/2006 9:26:24 PM         5818784    C:\WINDOWS\SYSTEM32\MRT.exe
aspack               8/4/2004 8:00:00 AM         708096     C:\WINDOWS\SYSTEM32\ntdll.dll
Umonitor             8/4/2004 8:00:00 AM         657920     C:\WINDOWS\SYSTEM32\rasdlg.dll
winsync              8/4/2004 8:00:00 AM         1309184    C:\WINDOWS\SYSTEM32\wbdbase.deu
PTech                5/23/2006 5:25:52 PM        285488     C:\WINDOWS\SYSTEM32\WgaTray.exe

Checking %System%\Drivers folder and sub-folders...

Items found in C:\WINDOWS\SYSTEM32\drivers\etc\hosts
127.0.0.1       ad-w-a-r-e.com


Checking the Windows folder and sub-folders for system and hidden files within the last 60 days...
                     6/7/2006 6:28:00 PM       S 2048       C:\WINDOWS\bootstat.dat
                     6/6/2006 10:59:24 PM     H  54156      C:\WINDOWS\QTFont.qfn
                     6/5/2006 5:22:56 PM     RH  749        C:\WINDOWS\WindowsShell.Manifest
                     6/5/2006 5:23:04 PM      H  65         C:\WINDOWS\Downloaded Program Files\desktop.ini
                     6/5/2006 5:23:40 PM      HS 67         C:\WINDOWS\Fonts\desktop.ini
                     6/5/2006 5:23:04 PM      H  65         C:\WINDOWS\occache\desktop.ini
                     6/5/2006 5:23:04 PM      H  65         C:\WINDOWS\Offline Web Pages\desktop.ini
                     6/5/2006 5:24:16 PM      H  258048     C:\WINDOWS\repair\ntuser.dat
                     6/5/2006 5:22:56 PM     RH  749        C:\WINDOWS\system32\cdplayer.exe.manifest
                     6/5/2006 5:23:04 PM     RH  488        C:\WINDOWS\system32\logonui.exe.manifest
                     6/7/2006 6:25:18 PM      HS 721        C:\WINDOWS\system32\mmf.sys
                     6/5/2006 5:22:56 PM     RH  749        C:\WINDOWS\system32\ncpa.cpl.manifest
                     6/5/2006 5:22:56 PM     RH  749        C:\WINDOWS\system32\nwc.cpl.manifest
                     6/5/2006 5:22:56 PM     RH  749        C:\WINDOWS\system32\sapi.cpl.manifest
                     6/5/2006 5:23:04 PM     RH  488        C:\WINDOWS\system32\WindowsLogon.manifest
                     6/5/2006 5:22:56 PM     RH  749        C:\WINDOWS\system32\wuaucpl.cpl.manifest
                     4/18/2006 3:17:08 AM      S 14054      C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB908531.cat
                     4/10/2006 10:41:30 AM     S 8433       C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem1.CAT
                     5/17/2006 11:24:42 AM     S 7160       C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WGA.cat
                     5/23/2006 5:27:00 PM      S 7160       C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WgaNotify.cat
                     6/7/2006 6:27:50 PM      H  8192       C:\WINDOWS\system32\config\default.LOG
                     6/5/2006 1:05:04 PM      H  0          C:\WINDOWS\system32\config\default.tmp.LOG
                     6/7/2006 6:28:18 PM      H  1024       C:\WINDOWS\system32\config\SAM.LOG
                     6/7/2006 6:28:02 PM      H  16384      C:\WINDOWS\system32\config\SECURITY.LOG
                     6/7/2006 9:16:52 PM      H  73728      C:\WINDOWS\system32\config\software.LOG
                     6/5/2006 1:05:04 PM      H  0          C:\WINDOWS\system32\config\software.tmp.LOG
                     6/7/2006 8:14:22 PM      H  868352     C:\WINDOWS\system32\config\system.LOG
                     6/5/2006 1:04:42 PM      H  0          C:\WINDOWS\system32\config\system.tmp.LOG
                     6/5/2006 1:04:34 PM      H  1024       C:\WINDOWS\system32\config\TempKey.LOG
                     6/5/2006 1:05:06 PM      H  1024       C:\WINDOWS\system32\config\userdiff.LOG
                     6/5/2006 5:24:18 PM      H  1024       C:\WINDOWS\system32\config\userdifr.LOG
                     6/5/2006 9:39:46 PM      H  1024       C:\WINDOWS\system32\config\systemprofile\NTUSER.DAT.LOG
                     6/5/2006 8:40:30 PM       S 688        C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5
                     6/5/2006 8:40:28 PM       S 558        C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\E6024EAC88E6B6165D49FE3C95ADD735
                     6/5/2006 8:40:30 PM       S 70226      C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\F482C95F83F1B59228F1B1E720F2EDF1
                     6/5/2006 8:40:30 PM       S 94         C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5
                     6/5/2006 8:40:28 PM       S 144        C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\E6024EAC88E6B6165D49FE3C95ADD735
                     6/5/2006 8:40:30 PM       S 128        C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\F482C95F83F1B59228F1B1E720F2EDF1
                     6/5/2006 5:29:40 PM      HS 113        C:\WINDOWS\system32\config\systemprofile\Local Settings\History\desktop.ini
                     6/5/2006 5:29:40 PM      HS 113        C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\desktop.ini
                     6/5/2006 5:29:40 PM      HS 67         C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\desktop.ini
                     6/5/2006 5:29:40 PM      HS 67         C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini
                     6/5/2006 10:23:20 PM     HS 388        C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\bd9edb2f-11c0-4384-9952-a5a9862b7bd0
                     6/5/2006 10:23:20 PM     HS 24         C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\Preferred
                     6/5/2006 6:29:18 PM      HS 388        C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\97a2ebdb-bd6f-4b8f-8429-cb51073ac9c3
                     6/5/2006 6:29:18 PM      HS 24         C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\Preferred
                     6/7/2006 6:26:10 PM      H  6          C:\WINDOWS\Tasks\SA.DAT
                     6/5/2006 11:47:48 PM     HS 67         C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\desktop.ini

Checking for CPL files...
Microsoft Corporation          8/4/2004 6:00:00 AM         68608      C:\WINDOWS\SYSTEM32\access.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         549888     C:\WINDOWS\SYSTEM32\appwiz.cpl
                               12/15/2003 1:09:34 PM       24576      C:\WINDOWS\SYSTEM32\BACSCPL.cpl
Borland Software Corporation   10/7/2003 2:39:00 PM        184320     C:\WINDOWS\SYSTEM32\bdeadmin.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         110592     C:\WINDOWS\SYSTEM32\bthprops.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         135168     C:\WINDOWS\SYSTEM32\desk.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         80384      C:\WINDOWS\SYSTEM32\firewall.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         155136     C:\WINDOWS\SYSTEM32\hdwwiz.cpl
Intel Corporation              9/20/2005 9:35:12 AM        77824      C:\WINDOWS\SYSTEM32\igfxcpl.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         358400     C:\WINDOWS\SYSTEM32\inetcpl.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         129536     C:\WINDOWS\SYSTEM32\intl.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         380416     C:\WINDOWS\SYSTEM32\irprops.cpl
InstallShield Software Corporation7/27/2004 5:50:48 PM        73728      C:\WINDOWS\SYSTEM32\ISUSPM.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         68608      C:\WINDOWS\SYSTEM32\joy.cpl
Sun Microsystems, Inc.         5/3/2006 2:56:54 AM         49265      C:\WINDOWS\SYSTEM32\jpicpl32.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         618496     C:\WINDOWS\SYSTEM32\mmsys.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         35840      C:\WINDOWS\SYSTEM32\ncpa.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         25600      C:\WINDOWS\SYSTEM32\netsetup.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         257024     C:\WINDOWS\SYSTEM32\nusrmgr.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         32768      C:\WINDOWS\SYSTEM32\odbccp32.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         114688     C:\WINDOWS\SYSTEM32\powercfg.cpl
RealNetworks, Inc.             8/14/2005 9:04:40 PM        24576      C:\WINDOWS\SYSTEM32\prefscpl.cpl
SigmaTel Inc.                  7/20/2004 10:14:06 AM       102481     C:\WINDOWS\SYSTEM32\stac97.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         298496     C:\WINDOWS\SYSTEM32\sysdm.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         28160      C:\WINDOWS\SYSTEM32\telephon.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         94208      C:\WINDOWS\SYSTEM32\timedate.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         148480     C:\WINDOWS\SYSTEM32\wscui.cpl
Microsoft Corporation          5/26/2005 4:16:30 AM        174360     C:\WINDOWS\SYSTEM32\wuaucpl.cpl
Microsoft Corporation          8/4/2004 6:00:00 AM         68608      C:\WINDOWS\SYSTEM32\dllcache\access.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         549888     C:\WINDOWS\SYSTEM32\dllcache\appwiz.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         135168     C:\WINDOWS\SYSTEM32\dllcache\desk.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         80384      C:\WINDOWS\SYSTEM32\dllcache\firewall.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         155136     C:\WINDOWS\SYSTEM32\dllcache\hdwwiz.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         358400     C:\WINDOWS\SYSTEM32\dllcache\inetcpl.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         129536     C:\WINDOWS\SYSTEM32\dllcache\intl.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         68608      C:\WINDOWS\SYSTEM32\dllcache\joy.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         187904     C:\WINDOWS\SYSTEM32\dllcache\main.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         618496     C:\WINDOWS\SYSTEM32\dllcache\mmsys.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         35840      C:\WINDOWS\SYSTEM32\dllcache\ncpa.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         25600      C:\WINDOWS\SYSTEM32\dllcache\netsetup.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         257024     C:\WINDOWS\SYSTEM32\dllcache\nusrmgr.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         32768      C:\WINDOWS\SYSTEM32\dllcache\odbccp32.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         114688     C:\WINDOWS\SYSTEM32\dllcache\powercfg.cpl
Microsoft Corporation          8/4/2004 6:00:00 AM         155648     C:\WINDOWS\SYSTEM32\dllcache\sapi.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         298496     C:\WINDOWS\SYSTEM32\dllcache\sysdm.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         28160      C:\WINDOWS\SYSTEM32\dllcache\telephon.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         94208      C:\WINDOWS\SYSTEM32\dllcache\timedate.cpl
Microsoft Corporation          8/4/2004 8:00:00 AM         148480     C:\WINDOWS\SYSTEM32\dllcache\wscui.cpl
Microsoft Corporation          5/26/2005 4:16:30 AM        174360     C:\WINDOWS\SYSTEM32\dllcache\wuaucpl.cpl

»»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»»

Checking files in %ALLUSERSPROFILE%\Startup folder...
                     6/5/2005 11:35:34 PM        698        C:\Documents and Settings\All Users\Start Menu\Programs\Startup\C2CMonitor.lnk
                     6/5/2006 5:24:14 PM      HS 84         C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
                     8/14/2005 8:57:16 PM        493        C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk

Checking files in %ALLUSERSPROFILE%\Application Data folder...
                     6/5/2006 5:07:06 PM      HS 62         C:\Documents and Settings\All Users\Application Data\desktop.ini

Checking files in %USERPROFILE%\Startup folder...
                     8/10/2004 2:04:12 PM     HS 84         C:\Documents and Settings\dbd\Start Menu\Programs\Startup\desktop.ini

Checking files in %USERPROFILE%\Application Data folder...
                     7/9/2005 10:05:18 PM        1556       C:\Documents and Settings\dbd\Application Data\AdobeDLM.log
                     8/10/2004 1:57:42 PM     HS 62         C:\Documents and Settings\dbd\Application Data\desktop.ini
                     7/9/2005 10:05:18 PM        0          C:\Documents and Settings\dbd\Application Data\dm.ini
                     8/11/2004 7:00:14 PM        12358      C:\Documents and Settings\dbd\Application Data\PFP110JCM.{PB
                     8/11/2004 7:00:14 PM        61678      C:\Documents and Settings\dbd\Application Data\PFP110JPR.{PB
                     8/19/2005 2:53:34 PM        12358      C:\Documents and Settings\dbd\Application Data\PFP120JCM.{PB
                     8/19/2005 2:53:34 PM        61678      C:\Documents and Settings\dbd\Application Data\PFP120JPR.{PB

»»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»»

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
   SV1    =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers]
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Offline Files
   {750fdf0e-2a26-11d1-a3ea-080036587f03}    = %SystemRoot%\System32\cscui.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With
   {09799AFB-AD67-11d1-ABCD-00C04FC30936}    = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With EncryptionMenu
   {A470F8CF-A1E8-4f65-8335-227475AA5C46}    = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Symantec.Norton.Antivirus.IEContextMenu
   {5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2}    = C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
   Start Menu Pin    = %SystemRoot%\system32\SHELL32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\Symantec.Norton.Antivirus.IEContextMenu
   {5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2}    = C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu
   {A470F8CF-A1E8-4f65-8335-227475AA5C46}    = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Offline Files
   {750fdf0e-2a26-11d1-a3ea-080036587f03}    = %SystemRoot%\System32\cscui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\QuickFinderMenu
   {C0E10002-0028-0004-C0E1-C0E1C0E1C0E1}    =
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Sharing
   {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}    = ntshrui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\SnagItMainShellExt
   {CF74B903-3389-469c-B3B6-0204D204FCBD}    = C:\Program Files\TechSmith\SnagIt 7\SnagItShellExt.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinRAR
   {B41DB860-8EE4-11D2-9906-E49FADC173CA}    = C:\Program Files\WinRAR\rarext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}
    = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}
    = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}
    = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}
    = %SystemRoot%\system32\SHELL32.dll

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
   Yahoo! Toolbar Helper = C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}
   DriveLetterAccess = C:\WINDOWS\system32\dla\tfswshx.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
   SSVHelper Class = C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9ECB9560-04F9-4bbc-943D-298DDF1699E1}
   CNisExtBho Class = C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDF3E430-B101-42AD-A544-FADC6B084872}
   CNavExtBho Class = C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}
   &Tip of the Day = %SystemRoot%\system32\shdocvw.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{FE54FA40-D68C-11d2-98FA-00C0F0318AFE}
   Real.com = C:\WINDOWS\system32\Shdocvw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
   {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7}    = Norton Internet Security   : C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
   {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}    = Norton AntiVirus   : C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
   {EF99BD32-C1FB-11D2-892F-0090271D4F88}    = Yahoo! Toolbar   : C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
   MenuText    = Sun Java Console   : C:\Program Files\Java\jre1.5.0_07\bin\npjpi150_07.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478}
    =
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E61-B078-11D0-89E4-00C04FC9E26E}
   Favorites Band = %SystemRoot%\system32\shdocvw.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E64-B078-11D0-89E4-00C04FC9E26E}
   Explorer Band = %SystemRoot%\system32\shdocvw.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
   {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} = Norton AntiVirus   : C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
   {01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address   : %SystemRoot%\system32\browseui.dll
   {0E5CBF21-D15F-11D0-8301-00AA005B4383} = &Links   : %SystemRoot%\system32\SHELL32.dll
   {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} = Norton Internet Security   : C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
   {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} = Norton AntiVirus   : C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
   {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} =    :
   {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} =    :

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
   SunJavaUpdateSched   C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
   SynTPLpr   C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
   SynTPEnh   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      
   IntelWireless   C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
   DVDLauncher   "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
   ISUSPM Startup   C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
   ISUSScheduler   "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
   ccApp   "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
   Symantec NetDriver Monitor   C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
   {0228e555-4f9c-4e35-a3ec-b109a192b4c2}   C:\Program Files\Google\Gmail Notifier\gnotify.exe
   Apoint   C:\Program Files\Apoint2K\Apoint.exe
   mssSort   C:\Program Files\Maxtor\Maxtor Quick Start\msssort.exe
   dla   C:\WINDOWS\system32\dla\tfswctrl.exe
   SystemTraySD   C:\Program Files\SpywareDetector\SDSystemTray.exe
   SDAutoLiveupdate   C:\Program Files\SpywareDetector\LiveUpdateSD.exe -AUTO
   QuickTime Task   "C:\Program Files\QuickTime\qttask.exe" -atboottime
   igfxtray   C:\WINDOWS\system32\igfxtray.exe
   igfxhkcmd   C:\WINDOWS\system32\hkcmd.exe
   igfxpers   C:\WINDOWS\system32\igfxpers.exe
   NeroFilterCheck   C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
   DellSupport   "C:\PROGRA~1\DELLSU~1\DSAgnt.exe" /startup

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum
   {BDEADF00-C265-11D0-BCED-00A0C90AB50F} = C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
   {6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} =
   {0DF44EAA-FF21-4412-828E-260A8728E7F1} =


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
   dontdisplaylastusername   0
   legalnoticecaption   
   legalnoticetext   
   shutdownwithoutlogon   1
   undockwithoutlogon   1


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
   NoDriveTypeAutoRun   145


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
   PostBootReminder                  {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll
   CDBurn                            {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll
   WebCheck                          {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = %SystemRoot%\system32\webcheck.dll
   SysTray                           {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\system32\stobject.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
   UserInit   = C:\WINDOWS\system32\userinit.exe,
   Shell      = Explorer.exe
   System      =

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain
    = crypt32.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet
    = cryptnet.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll
    = cscdll.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui
    = igfxdev.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IntelWireless
    = C:\Program Files\Intel\Wireless\Bin\LgNotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp
    = wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule
    = wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy
    = sclgntfy.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDNotify
    = C:\Program Files\SpywareDetector\SDNotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn
    = WlNotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv
    = wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon
    = WgaLogon.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon
    = wlnotify.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path
   Debugger = ntsd -d

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
   AppInit_DLLs   


»»»»»»»»»»»»»»»»»»»»»»»» Scan Complete »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
WinPFind v1.4.1   - Log file written to "WinPFind.Txt" in the WinPFind folder.
Scan completed on 6/8/2006 12:59:49 AM


And here's the Blacklight log:

06/08/06 09:46:18 [Info]: BlackLight Engine 1.0.37 initialized
06/08/06 09:46:18 [Info]: OS: 5.1 build 2600 (Service Pack 2)
06/08/06 09:46:19 [Note]: 7019 4
06/08/06 09:46:19 [Note]: 7005 0
06/08/06 09:46:23 [Note]: 7006 0
06/08/06 09:46:23 [Note]: 7022 0
06/08/06 09:46:24 [Note]: 7011 2088
06/08/06 09:46:24 [Note]: 7026 0
06/08/06 09:46:24 [Note]: 7026 0
06/08/06 09:46:24 [Note]: FSRAW library version 1.7.1015
06/08/06 09:52:01 [Note]: 7007 0
Logged

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
    • View Profile
    • http://
Computer acting strangely
« Reply #5 on: June 10, 2006, 10:19:17 PM »
I don't see nothing harmful there
Do you remember the last piece of software or hardware you installed before the error messages started?
Logged

Do you want to post your own logs from FRST?

Follow the instructions posted http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/\'>Click Here

Pages: [1]
« previous next »