Can open all except 1st e-mail from hotmail in my Gmail Box

Status
Not open for further replies.
T

Thaqalain

In Runtime
Messages
169
I can open,read all e-mails in standard mode of Gmail except 1st e-mail which was sent to me by x...@hotmail.com.When I clicked it,computer either sleep saying loading or IE error of not responding.And as soon as I click this error ,the whole IE window closed.Where is wrong?
Moreover,since 2 days sometime my mouse right click stopped responding.Is it something wrong with mouse right/left click buttons.I c the 1st e-mail of my Gmail box from hotmail friend is opened now,so how can we explain this abnormalities with Gmail.
In doing some experiments,today I have annexed some text like Java"--
--"from View-Source to my browser address bar after gamil web address.
Is this dilemma created due to some errors in doing these unnecessary
experiments to address bar?
I ran CCleaner,NT Registry Optimizer ,restarted computer many times but unusual performance is going on,here is some clip:

Again Loading-- then Internet Explorer has encountered a problem and
needs to close. We are sorry for the inconvenience.
When I reclicked first e-mail,it opened in regular way,I mean why
sometimes hanged up/sometimes opened easily the same e-mail.
Even it again failed to open by pressing enter at its location/row.Even I tried to opened other good mails and tried to intrude to problemetic e-mail thru the aid of short cut keys,j/k,but it did'nt helped.
I just awake this morning and after signing get this message on one of top rows:
Arrgh! The page has been corrupted. If you are running security or
firewall software, you may have to disable it. Learn more.This was I
think in Web Clipsrunning row.As I opened this thread ,I opened another page for Gmail,later when I went to click one of spam mail,again get IE encountered a prob and needs to close,don't send--.
Last night web search detected only coolweb search,which may not be so harmful.
 
.dll errors,coolwebsearch blocked by AOL Spyware

Getting this error since 3 days especially on gmail page:
IE has encountered a prob.and needs to close.we r sorry--
errors in following modules;
Kernel32.dll
msxml2.dll
ntdl.dll
jscrpt.dll
Any fix,pls recommend!Sometimes,IE(esp gmail page) is to be closed for above reasons.Many times failed to open inbox mails,failed to see download link instead showing - Scanning for viruses...
I have run several cycles of Ccleaner,NT Registry Optimizer,NAV,CW
Shredder,AOL Spyware,HJT Log, Regedt for manually taking out Flash
Saver Maker.Moreover,I have uninstalled/reinstalled Google beta tool
bar.I have installed Java 2 Platform Standard Edition to c if it help me or not?
Any recommendations pls:
XP Prof(32 bit)5.01.2600 SP2
IE:6.0.2900.2180xp_sp2_gdr.050301-1519
Dependency Walker: 2.1.3623 (32-bit)
Operating System: Microsoft Windows XP Professional (32-bit)
OS Version: 5.01.2600 Service Pack 2
Processor: x86 Family 15 Model 1 Stepping 3, GenuineIntel, ~1799MHz
Number of Processors: 1
Computer Name: FA-GRJTXU
User Name: Administrator
Local Date: Thursday, April 13, 2006
Local Time: 12:24:23 AM Eastern Daylight Time (GMT-04:00)
OS Language: 0x0409: English (United States)
Memory Load: 62%
Physical Memory Total: 199,016,448 (190 MB)
Physical Memory Used: 125,325,312
Physical Memory Free: 73,691,136
Page File Memory Total: 685,543,424
Page File Memory Used: 168,423,424
Page File Memory Free: 517,120,000
Virtual Memory Total: 2,147,352,576
Virtual Memory Used: 29,347,840
Virtual Memory Free: 2,118,004,736
Page Size: 0x00001000 (4,096)

AOL Spyware detected Coolwebsearch again,despite it was blocked by itself after running last scan.CWShredder scan did'nt show coolwebsearch.

RUN: [WinFaxAppPortStarter] wfxsnt40.exe
RUN: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
RUN: [Symantec NetDriver Monitor] D:\PROGRA~1\SYMNET~1\SNDMon.exe
RUN: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
RUN: [NAV Agent] D:\PROGRA~1\NORTON~2\navapw32.exe
RUN: [IgfxTray] D:\WINDOWS\System32\igfxtray.exe
RUN: [HotKeysCmds] D:\WINDOWS\System32\hkcmd.exe
RUN: [Gtwatch] D:\WINDOWS\gtwatch.exe
RUN: [DownloadAccelerator] D:\PROGRA~1\DAP\DAP.EXE /STARTUP
RUN: [PowerS] D:\WINDOWS\PowerS.exe
RUN: [Nero DriveSpeed] D:\PROGRA~1\Nero\NERO7~1\NEROTO~1\DRIVES~1.EXE
RUN: [iamapp] D:\Program Files\Norton Internet Security\IAMAPP.EXE
RUN: [CallControl 4.5] D:\PROGRAM FILES\FAXTALK COMMUNICATOR\FTCtrl32.exe /autoload
RUN: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
RUN: [EPSON Stylus CX3800 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE /P26 "EPSON Stylus CX3800 Series" /O6 "USB001" /M "Stylus CX3800"
RUN: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "D:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
RUN: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background


**** Browser Helper Objects ****

BHO: [AcroIEHlprObj Class] D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
BHO: [PaltalkWebLogin] D:\Program Files\Common Files\Paltalk\PaltalkWebLogin.dll
BHO: [SSVHelper Class] D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
BHO: [Google Toolbar Helper] d:\program files\google\googletoolbar1.dll
BHO: [CNavExtBho Class] D:\Program Files\Norton Antivirus\NavShExt.dll

**** IE Toolbars ****

TOOLBAR: [Norton AntiVirus] D:\Program Files\Norton Antivirus\NavShExt.dll
TOOLBAR: [&Google] d:\program files\google\googletoolbar1.dll


**** IE Extensions ****

IEExt: []
IEExt: [Web Browser Applet Control] D:\WINDOWS\System32\msjava.dll
IEExt: [Research] D:\WINDOWS\System32\msjava.dll
IEExt: [Share in Hello] D:\WINDOWS\System32\msjava.dll
IEExt: [Messenger] D:\Program Files\Messenger\msmsgs.exe


**** Hosts File Entries ****

HOSTS: 127.0.0.1 localhost
HOSTS: 127.0.0.1 localhost


**** IE Settings ****

IEBypass: <local>
Default Page: http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default Search: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Local Page: D:\WINDOWS\system32\blank.htm
Search Bar: http://www.google.com/ie
Search Page: http://www.google.com


**** IE Context Menu (Right click) ****

IEContext: [E&xport to Microsoft Excel] res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000


**** Layered Service Providers ****

LSP: MSAFD Tcpip [TCP/IP]
LSP: MSAFD Tcpip [UDP/IP]
LSP: RSVP UDP Service Provider
LSP: RSVP TCP Service Provider
LSP: MSAFD Tcpip [TCP/IPv6]
LSP: MSAFD Tcpip [UDP/IPv6]
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{F9008E2A-214C-481A-BD2A-A74611469D0A}] SEQPACKET 11
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{F9008E2A-214C-481A-BD2A-A74611469D0A}] DATAGRAM 11
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{B8B45458-F813-45C4-883A-7B61E61F7EEA}] SEQPACKET 7
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{B8B45458-F813-45C4-883A-7B61E61F7EEA}] DATAGRAM 7
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{8490BCF7-13D4-4886-B727-B84E0D11A26B}] SEQPACKET 5
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{8490BCF7-13D4-4886-B727-B84E0D11A26B}] DATAGRAM 5
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{323B55A2-B0AB-4208-8F2C-0B7F1BD07A0E}] SEQPACKET 6
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{323B55A2-B0AB-4208-8F2C-0B7F1BD07A0E}] DATAGRAM 6
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F9008E2A-214C-481A-BD2A-A74611469D0A}] SEQPACKET 12
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F9008E2A-214C-481A-BD2A-A74611469D0A}] DATAGRAM 12
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B8B45458-F813-45C4-883A-7B61E61F7EEA}] SEQPACKET 8
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B8B45458-F813-45C4-883A-7B61E61F7EEA}] DATAGRAM 8
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8490BCF7-13D4-4886-B727-B84E0D11A26B}] SEQPACKET 4
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8490BCF7-13D4-4886-B727-B84E0D11A26B}] DATAGRAM 4
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{11DCFBA5-4C67-4E23-A76F-488E3552A8CC}] SEQPACKET 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{11DCFBA5-4C67-4E23-A76F-488E3552A8CC}] DATAGRAM 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{497F70E0-D119-42B9-AB72-BED4ED6423FD}] SEQPACKET 2
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{497F70E0-D119-42B9-AB72-BED4ED6423FD}] DATAGRAM 2
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{00543C4F-9F35-4FB8-8EDD-E5E406DC92E8}] SEQPACKET 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{00543C4F-9F35-4FB8-8EDD-E5E406DC92E8}] DATAGRAM 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{79C85D60-21FA-4F22-8B2F-162EB9CC403A}] SEQPACKET 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{79C85D60-21FA-4F22-8B2F-162EB9CC403A}] DATAGRAM 3


**** Blocked Control Panel Items ****

BLOCKED: [ncpa.cpl] No
BLOCKED: [odbccp32.cpl] No


**** Downloaded Program Files ****

DirectAnimation Java Classes [file://D:\WINDOWS\Java\classes\dajava.cab]
Microsoft XML Parser for Java [file://D:\WINDOWS\Java\classes\xmldso.cab]
TruePass EPF 7,0,100,684 [https://blrscr3.egs-seg.gc.ca/applets/entrusttruepassapplet-epf.cab]
TruePass EPF 7,0,100,717 [https://blrscr3.egs-seg.gc.ca/applets/entrusttruepassapplet-epf.cab]
{166B1BCA-3F9C-11CF-8075-444553540000} [http://active.macromedia.com/director/cabs/sw.cab]
{17492023-C23A-453E-A040-C7C580BBF700} [http://go.microsoft.com/fwlink/?linkid=39204] D:\WINDOWS\system32\LegitCheckControl.DLL
{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} [http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab] D:\WINDOWS\Downloaded Program Files\ecmldr32.dll D:\WINDOWS\Downloaded Program Files\navapi.vxd D:\WINDOWS\Downloaded Program Files\navapi32.dll D:\WINDOWS\Downloaded Program Files\avsniffdlgs.dll D:\WINDOWS\Downloaded Program Files\avsniff.dll
{5ED80217-570B-4DA9-BF44-BE107C0EC166} [http://scan.safety.live.com/resource/download/scanner/en-us/wlscbase7617.cab]
{644E432F-49D3-41A1-8DD5-E099162EEEC5} [http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab]
{8AD9C840-044E-11D1-B3E9-00805F499D93} [http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab]
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} [http://www.pandasoftware.com/activescan/as5/asinst.cab]
{B38870E4-7ECB-40DA-8C6A-595F0A5519FF} [http://cdn.messenger.msn.com/download/MsnMessengerSetupDownloader.cab]
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} [http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab]


**** Windows Services ****

[6to4] %SystemRoot%\system32\svchost.exe -k netsvcs
[Adobe LM Service] "D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"
[Alerter] %SystemRoot%\System32\svchost.exe -k LocalService
[ALG] %SystemRoot%\System32\alg.exe
[AOL ACS] D:\PROGRA~1\COMMON~1\AOL\ACS\AOLACSD.EXE
[AOLService] D:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
[AppMgmt] %SystemRoot%\system32\svchost.exe -k netsvcs
[AudioSrv] %SystemRoot%\System32\svchost.exe -k netsvcs
[BITS] %SystemRoot%\System32\svchost.exe -k netsvcs
[Browser] %SystemRoot%\System32\svchost.exe -k netsvcs
[CiSvc] %SystemRoot%\system32\cisvc.exe
[ClipSrv] %SystemRoot%\system32\clipsrv.exe
[COMSysApp] D:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
[CryptSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[DcomLaunch] %SystemRoot%\system32\svchost -k DcomLaunch
[Dhcp] %SystemRoot%\System32\svchost.exe -k netsvcs
[dmadmin] %SystemRoot%\System32\dmadmin.exe /com
[dmserver] %SystemRoot%\System32\svchost.exe -k netsvcs
[Dnscache] %SystemRoot%\System32\svchost.exe -k NetworkService
[ERSvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[Eventlog] %SystemRoot%\system32\services.exe
[EventSystem] D:\WINDOWS\System32\svchost.exe -k netsvcs
[ewido security suite control] D:\Program Files\ewido\security suite\ewidoctrl.exe
[ewido security suite guard] D:\Program Files\ewido\security suite\ewidoguard.exe
[FastUserSwitchingCompatibility] %SystemRoot%\System32\svchost.exe -k netsvcs
[helpsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[HidServ] %SystemRoot%\System32\svchost.exe -k netsvcs
[HTTPFilter] %SystemRoot%\System32\svchost.exe -k HTTPFilter
[ImapiService] D:\WINDOWS\System32\imapi.exe
[lanmanserver] %SystemRoot%\System32\svchost.exe -k netsvcs
[lanmanworkstation] %SystemRoot%\System32\svchost.exe -k netsvcs
[LmHosts] %SystemRoot%\System32\svchost.exe -k LocalService
[Messenger] %SystemRoot%\System32\svchost.exe -k netsvcs
[mnmsrvc] D:\WINDOWS\System32\mnmsrvc.exe
[MSDTC] D:\WINDOWS\System32\msdtc.exe
[MSIServer] D:\WINDOWS\system32\msiexec.exe /V
[navapsvc] D:\Program Files\Norton Antivirus\navapsvc.exe
[NetDDE] %SystemRoot%\system32\netdde.exe
[NetDDEdsdm] %SystemRoot%\system32\netdde.exe
[Netlogon] %SystemRoot%\System32\lsass.exe
[Netman] %SystemRoot%\System32\svchost.exe -k netsvcs
[NISSERV] "D:\Program Files\Norton Internet Security\NISSERV.EXE"
[NISUM] "D:\Program Files\Norton Internet Security\NISUM.EXE"
[Nla] %SystemRoot%\System32\svchost.exe -k netsvcs
[NtLmSsp] %SystemRoot%\System32\lsass.exe
[NtmsSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[ose] "D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
[PlugPlay] %SystemRoot%\system32\services.exe
[PolicyAgent] %SystemRoot%\System32\lsass.exe
[ProtectedStorage] %SystemRoot%\system32\lsass.exe
[RasAuto] %SystemRoot%\System32\svchost.exe -k netsvcs
[RasMan] %SystemRoot%\System32\svchost.exe -k netsvcs
[RDSessMgr] D:\WINDOWS\system32\sessmgr.exe
[RemoteAccess] %SystemRoot%\System32\svchost.exe -k netsvcs
[RemoteRegistry] %SystemRoot%\system32\svchost.exe -k LocalService
[RpcLocator] %SystemRoot%\System32\locator.exe
[RpcSs] %SystemRoot%\system32\svchost -k rpcss
[RSVP] %SystemRoot%\System32\rsvp.exe
[SamSs] %SystemRoot%\system32\lsass.exe
[SBService] D:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
[SCardSvr] %SystemRoot%\System32\SCardSvr.exe
[Schedule] %SystemRoot%\System32\svchost.exe -k netsvcs
[seclogon] %SystemRoot%\System32\svchost.exe -k netsvcs
[SENS] %SystemRoot%\system32\svchost.exe -k netsvcs
[SharedAccess] %SystemRoot%\System32\svchost.exe -k netsvcs
[ShellHWDetection] %SystemRoot%\System32\svchost.exe -k netsvcs
[SNDSrvc] "D:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"
[Spooler] %SystemRoot%\system32\spoolsv.exe
[srservice] %SystemRoot%\System32\svchost.exe -k netsvcs
[SSDPSRV] %SystemRoot%\System32\svchost.exe -k LocalService
[stisvc] %SystemRoot%\System32\svchost.exe -k imgsvc
[SwPrv] D:\WINDOWS\System32\dllhost.exe /Processid:{8E4026E4-7661-42DB-8EDF-0FE362253970}
[SymProxySvc] "D:\Program Files\Norton Internet Security\SymProxySvc.exe"
[SysmonLog] %SystemRoot%\system32\smlogsvc.exe
[TapiSrv] %SystemRoot%\System32\svchost.exe -k netsvcs
[TermService] %SystemRoot%\System32\svchost -k DComLaunch
[Themes] %SystemRoot%\System32\svchost.exe -k netsvcs
[TlntSvr] D:\WINDOWS\System32\tlntsvr.exe
[TrkWks] %SystemRoot%\system32\svchost.exe -k netsvcs
[UMWdf] D:\WINDOWS\system32\wdfmgr.exe
[upnphost] %SystemRoot%\System32\svchost.exe -k LocalService
[UPS] %SystemRoot%\System32\ups.exe
[VSS] %SystemRoot%\System32\vssvc.exe
[W32Time] %SystemRoot%\System32\svchost.exe -k netsvcs
[WebClient] %SystemRoot%\System32\svchost.exe -k LocalService
[wfxsvc] D:\WINDOWS\system32\WFXSVC.EXE
[winmgmt] %systemroot%\system32\svchost.exe -k netsvcs
[WmdmPmSN] %SystemRoot%\System32\svchost.exe -k netsvcs
[Wmi] %SystemRoot%\System32\svchost.exe -k netsvcs
[WmiApSrv] D:\WINDOWS\System32\wbem\wmiapsrv.exe
[wscsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[wuauserv] %systemroot%\system32\svchost.exe -k netsvcs
[WZCSVC] %SystemRoot%\System32\svchost.exe -k netsvcs
[xmlprov] %SystemRoot%\System32\svchost.exe -k netsvcs


**** Custom IE Search Items ****

SEARCH: [SearchAssistant] http://www.microsoft.com/isapi/redir.dll?
SEARCH: [CustomizeSearch] http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
SEARCH: [SearchAssistant] http://www.google.com/ie


**** Complete IE Options ****

IEOPT: [NoUpdateCheck]
IEOPT: [NoJITSetup]
IEOPT: [Disable Script Debugger] yes
IEOPT: [Show_ChannelBand] No
IEOPT: [Anchor Underline] yes
IEOPT: [Cache_Update_Frequency] Once_Per_Session
IEOPT: [Display Inline Images] yes
IEOPT: [Do404Search]
IEOPT: [Local Page] D:\WINDOWS\system32\blank.htm
IEOPT: [Save_Session_History_On_Exit] no
IEOPT: [Show_FullURL] no
IEOPT: [Show_StatusBar] yes
IEOPT: [Show_ToolBar] yes
IEOPT: [Show_URLinStatusBar] yes
IEOPT: [Show_URLToolBar] yes
IEOPT: [Start Page] http://groups.google.com/group/24hoursupport.helpdesk?lnk=li&hl=en
IEOPT: [Use_DlgBox_Colors] yes
IEOPT: [ShowedCheckBrowser] Yes
IEOPT: [Check_Associations] No
IEOPT: [NotifyDownloadComplete] yes
IEOPT: [FullScreen] no
IEOPT: [Window Title ,0,Microsoft Internet Explorer with Asiatype Urdu Browsers Support]
IEOPT: [Error Dlg Displayed On Every Error] no
IEOPT: [Window_Placement] ,
IEOPT: [Use FormSuggest] yes
IEOPT: [AddToFavoritesExpanded]
IEOPT: [FavoritesExportFile] C:\My Documents\FAV98.htm
IEOPT: [FavoritesImportFolder] D:\Documents and Settings\Administrator\Favorites
IEOPT: [StatusBarOther]
IEOPT: [Use Search Asst] no
IEOPT: [Enable Browser Extensions] yes
IEOPT: [HistoryViewType]
IEOPT: [FormSuggest PW Ask] yes
IEOPT: [Expand Alt Text] no
IEOPT: [Move System Caret] no
IEOPT: [NscSingleExpand]
IEOPT: [DisableScriptDebuggerIE] yes
IEOPT: [NoWebJITSetup]
IEOPT: [Page_Transitions]
IEOPT: [FavIntelliMenus] yes
IEOPT: [UseThemes]
IEOPT: [Force Offscreen Composition]
IEOPT: [AllowWindowReuse]
IEOPT: [Friendly http errors] yes
IEOPT: [ShowGoButton] yes
IEOPT: [SmoothScroll]
IEOPT: [Enable AutoImageResize] yes
IEOPT: [Enable_MyPics_Hoverbar] yes
IEOPT: [Play_Animations] yes
IEOPT: [Play_Background_Sounds] yes
IEOPT: [Display Inline Videos] yes
IEOPT: [Show image placeholders]
IEOPT: [Print_Background] no
IEOPT: [LastCheckedHi]
IEOPT: [NoSaveAsPOSTWarning]
IEOPT: [Use Custom Search URL]
IEOPT: [FavChevron] NO
IEOPT: [FormSuggest Passwords] yes
IEOPT: [Error Dlg Details Pane Open] yes
IEOPT: [Default_Search_URL] http://search.msn.com
IEOPT: [Search Page] http://www.google.com
IEOPT: [Search Bar] http://www.google.com/ie
IEOPT: [AutoSearch]
IEOPT: [Default_Page_URL] http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IEOPT: [Enable_Disk_Cache] yes
IEOPT: [Cache_Percent_of_Disk]
IEOPT: [Delete_Temp_Files_On_Exit] yes
IEOPT: [Local Page] %SystemRoot%\system32\blank.htm
IEOPT: [Anchor_Visitation_Horizon]
IEOPT: [Use_Async_DNS] yes
IEOPT: [Placeholder_Width]
IEOPT: [Placeholder_Height]
IEOPT: [Start Page] http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IEOPT: [CompanyName] Microsoft Corporation
IEOPT: [Custom_Key] MICROSO
IEOPT: [Wizard_Version] 6.0.2600.0000
IEOPT: [FullScreen] no
IEOPT: [CustomizeSearch] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IEOPT: [SearchAssistant] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IEOPT: [IEWatsonEnabled]
IEOPT: [Default_Search_URL] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IEOPT: [Search Page] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
 
ewido security suite - Startup report

---------------------------------------------------------
ewido security suite - Startup report
---------------------------------------------------------

+ Created on: 12:31:42 PM, 4/13/2006
+ Report-Checksum: EDDEDC3A

Reg\HKLM\Run WinFaxAppPortStarter wfxsnt40.exe
Reg\HKLM\Run UserFaultCheck %systemroot%\system32\dumprep 0 -u
Reg\HKLM\Run Symantec NetDriver Monitor D:\PROGRA~1\SYMNET~1\SNDMon.exe
Reg\HKLM\Run SunJavaUpdateSched D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
Reg\HKLM\Run NAV Agent D:\PROGRA~1\NORTON~2\navapw32.exe
Reg\HKLM\Run HotKeysCmds D:\WINDOWS\System32\hkcmd.exe
Reg\HKLM\Run IgfxTray D:\WINDOWS\System32\igfxtray.exe
Reg\HKLM\Run Gtwatch D:\WINDOWS\gtwatch.exe
Reg\HKLM\Run DownloadAccelerator D:\PROGRA~1\DAP\DAP.EXE /STARTUP
Reg\HKLM\Run PowerS D:\WINDOWS\PowerS.exe
Reg\HKLM\Run Nero DriveSpeed D:\PROGRA~1\Nero\NERO7~1\NEROTO~1\DRIVES~1.EXE
Reg\HKLM\Run iamapp D:\Program Files\Norton Internet Security\IAMAPP.EXE
Reg\HKLM\Run CallControl 4.5 D:\PROGRAM FILES\FAXTALK COMMUNICATOR\FTCtrl32.exe /autoload
Reg\HKLM\Run TkBellExe "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
Reg\HKLM\Run EPSON Stylus CX3800 Series D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE /P26 "EPSON Stylus CX3800 Series" /O6 "USB001" /M "Stylus CX3800"
Reg\HKCU\Run BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} "D:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
Reg\HKCU\Run msnmsgr "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
Shell\CommonStartup palstart.exe D:\Documents and Settings\All Users\Start Menu\Programs\Startup\palstart.exe
 
RKFiles

C:\unzipped\rkfiles

PLEASE NOTE THAT ALL FILES FOUND BY THIS METHOD ARE NOT BAD FILES, THERE MIGHT BE LEGIT FILES LISTED AND PLEASE BE CAREFUL WHILE FIXING. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.
Files Found in system Folder............
------------------------
D:\WINDOWS\system32\dfrg.msc: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAwGpEc213

Files Found in all users startup Folder............
------------------------
Files Found in all users windows Folder............
------------------------
D:\WINDOWS\epsuninst.exe: UPX!
Finished
bye
 
WinPFind Log

»»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Product Name: Microsoft Windows XP Current Build: Service Pack 2 Current Build Number: 2600
Internet Explorer Version: 6.0.2900.2180

»»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»»

Checking %SystemDrive% folder...

Checking %ProgramFilesDir% folder...
PEC2 8/9/2005 8:26:06 PM 556704 D:\Program Files\GoogleToolbarInstaller.exe
PECompact2 8/9/2005 8:26:06 PM 556704 D:\Program Files\GoogleToolbarInstaller.exe

Checking %WinDir% folder...
abetterinternet.com 7/8/2005 11:28:42 PM 11090 D:\WINDOWS\jakza.dll
web-nex 7/8/2005 11:28:42 PM 11090 D:\WINDOWS\jakza.dll
ad-w-a-r-e.com 7/8/2005 11:28:42 PM 11090 D:\WINDOWS\jakza.dll

Checking %System% folder...
PEC2 10/5/2001 1:13:42 AM 41397 D:\WINDOWS\SYSTEM32\dfrg.msc
aspack 11/28/2003 4:10:56 PM 411136 D:\WINDOWS\SYSTEM32\FlashSaver.scr
aspack 3/19/2002 8:18:54 AM 120832 D:\WINDOWS\SYSTEM32\lame_enc.dll
PTech 2/14/2006 9:20:14 AM 550120 D:\WINDOWS\SYSTEM32\LegitCheckControl.DLL
PECompact2 3/9/2006 4:21:10 PM 4799320 D:\WINDOWS\SYSTEM32\MRT.exe
aspack 3/9/2006 4:21:10 PM 4799320 D:\WINDOWS\SYSTEM32\MRT.exe
aspack 12/3/2002 4:02:58 AM 491520 D:\WINDOWS\SYSTEM32\NCTAudioFile.dll
aspack 12/3/2002 4:11:10 AM 143872 D:\WINDOWS\SYSTEM32\NCTWMAFile.dll
aspack 8/4/2004 12:56:36 AM 708096 D:\WINDOWS\SYSTEM32\ntdll.dll
Umonitor 8/4/2004 12:56:44 AM 657920 D:\WINDOWS\SYSTEM32\rasdlg.dll
winsync 10/5/2001 1:16:34 AM 1309184 D:\WINDOWS\SYSTEM32\wbdbase.deu

Checking %System%\Drivers folder and sub-folders...
PTech 8/3/2004 10:41:38 PM 1309184 D:\WINDOWS\SYSTEM32\drivers\mtlstrm.sys

Items found in D:\WINDOWS\SYSTEM32\drivers\etc\hosts


Checking the Windows folder and sub-folders for system and hidden files within the last 60 days...
4/14/2006 8:00:40 AM S 2048 D:\WINDOWS\bootstat.dat
4/1/2006 10:08:22 AM H 54156 D:\WINDOWS\QTFont.qfn
4/14/2006 8:00:22 AM H 8192 D:\WINDOWS\system32\config\default.LOG
4/14/2006 8:00:52 AM H 1024 D:\WINDOWS\system32\config\SAM.LOG
4/14/2006 8:00:42 AM H 8192 D:\WINDOWS\system32\config\SECURITY.LOG
4/14/2006 8:02:00 AM H 49152 D:\WINDOWS\system32\config\software.LOG
4/14/2006 7:59:40 AM H 1024 D:\WINDOWS\system32\config\system.LOG
4/3/2006 3:02:50 AM H 1024 D:\WINDOWS\system32\config\systemprofile\ntuser.dat.LOG
4/13/2006 8:04:40 AM S 7652 D:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\E891C648621A40AC7F773694A17FE76C
4/13/2006 8:04:40 AM S 134 D:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\E891C648621A40AC7F773694A17FE76C
4/2/2006 6:40:14 PM H 6 D:\WINDOWS\Tasks\SA.DAT

Checking for CPL files...
Microsoft Corporation 8/4/2004 12:56:58 AM 68608 D:\WINDOWS\SYSTEM32\access.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 549888 D:\WINDOWS\SYSTEM32\appwiz.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 110592 D:\WINDOWS\SYSTEM32\bthprops.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 135168 D:\WINDOWS\SYSTEM32\desk.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 80384 D:\WINDOWS\SYSTEM32\firewall.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 155136 D:\WINDOWS\SYSTEM32\hdwwiz.cpl
Intel Corporation 5/14/2002 9:24:56 PM 94208 D:\WINDOWS\SYSTEM32\igfxcpl.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 358400 D:\WINDOWS\SYSTEM32\inetcpl.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 129536 D:\WINDOWS\SYSTEM32\intl.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 380416 D:\WINDOWS\SYSTEM32\irprops.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 68608 D:\WINDOWS\SYSTEM32\joy.cpl
Sun Microsystems, Inc. 11/10/2005 1:03:50 PM 49265 D:\WINDOWS\SYSTEM32\jpicpl32.cpl
Microsoft Corporation 10/5/2001 1:14:58 AM 187904 D:\WINDOWS\SYSTEM32\main.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 618496 D:\WINDOWS\SYSTEM32\mmsys.cpl
Microsoft Corporation 10/5/2001 1:15:22 AM 35840 D:\WINDOWS\SYSTEM32\ncpa.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 25600 D:\WINDOWS\SYSTEM32\netsetup.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 257024 D:\WINDOWS\SYSTEM32\nusrmgr.cpl
Microsoft Corporation 10/5/2001 1:15:34 AM 36864 D:\WINDOWS\SYSTEM32\nwc.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 32768 D:\WINDOWS\SYSTEM32\odbccp32.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 114688 D:\WINDOWS\SYSTEM32\powercfg.cpl
Apple Computer, Inc. 1/6/2004 5:02:36 PM 323072 D:\WINDOWS\SYSTEM32\QuickTime.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 298496 D:\WINDOWS\SYSTEM32\sysdm.cpl
Microsoft Corporation 10/5/2001 1:16:20 AM 28160 D:\WINDOWS\SYSTEM32\telephon.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 94208 D:\WINDOWS\SYSTEM32\timedate.cpl
Microsoft Corporation 8/4/2004 12:56:58 AM 148480 D:\WINDOWS\SYSTEM32\wscui.cpl
Microsoft Corporation 5/26/2005 5:16:30 AM 174360 D:\WINDOWS\SYSTEM32\wuaucpl.cpl

»»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»»

Checking files in %ALLUSERSPROFILE%\Startup folder...
10/31/2004 9:02:26 PM HS 84 D:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
1/26/2006 12:13:28 PM 30720 D:\Documents and Settings\All Users\Start Menu\Programs\Startup\palstart.exe

Checking files in %ALLUSERSPROFILE%\Application Data folder...
10/31/2004 8:39:20 PM HS 62 D:\Documents and Settings\All Users\Application Data\desktop.ini

Checking files in %USERPROFILE%\Startup folder...
10/31/2004 9:02:26 PM HS 84 D:\Documents and Settings\Administrator\Start Menu\Programs\Startup\desktop.ini

Checking files in %USERPROFILE%\Application Data folder...
4/8/2006 1:21:46 PM 1048 D:\Documents and Settings\Administrator\Application Data\AdobeDLM.log
10/31/2004 8:39:20 PM HS 62 D:\Documents and Settings\Administrator\Application Data\desktop.ini
3/6/2006 2:18:40 PM 0 D:\Documents and Settings\Administrator\Application Data\dm.ini

»»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»»

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
SV1 =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers]
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\ewido
{57BD36D7-CE32-4600-9B1C-1A0C47EFC02E} = D:\Program Files\ewido\security suite\context.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\fgqxggnn
{35905f7f-2f42-4a91-9866-a0387c70ccd5} = D:\WINDOWS\system32\urnsr.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Offline Files
{750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With
{09799AFB-AD67-11d1-ABCD-00C04FC30936} = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With EncryptionMenu
{A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Symantec.Norton.Antivirus.IEContextMenu
{5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2} = D:\Program Files\Norton Antivirus\NavShExt.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinRAR
{B41DB860-8EE4-11D2-9906-E49FADC173CA} = D:\Program Files\WinRAR\rarext.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinZip
{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
Start Menu Pin = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208}
= D:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\Symantec.Norton.Antivirus.IEContextMenu
{5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2} = D:\Program Files\Norton Antivirus\NavShExt.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinRAR
{B41DB860-8EE4-11D2-9906-E49FADC173CA} = D:\Program Files\WinRAR\rarext.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZip
{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208}
= D:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu
{A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ewido
{57BD36D7-CE32-4600-9B1C-1A0C47EFC02E} = D:\Program Files\ewido\security suite\context.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Offline Files
{750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Sharing
{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = ntshrui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinRAR
{B41DB860-8EE4-11D2-9906-E49FADC173CA} = D:\Program Files\WinRAR\rarext.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZip
{E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}
= %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{6EC11407-5B2E-4E25-8BDF-77445B52AB37}
=
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{7D4D6379-F301-4311-BEBA-E26EB0561882}
= D:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{F9DB5320-233E-11D1-9F84-707F02C10627}
= D:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
AcroIEHlprObj Class = D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{502C3BA4-2C3E-4317-BC29-C0445E82B1F9}
PaltalkWebLogin = D:\Program Files\Common Files\Paltalk\PaltalkWebLogin.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
SSVHelper Class = D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}
Google Toolbar Helper = d:\program files\google\googletoolbar1.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDF3E430-B101-42AD-A544-FADC6B084872}
CNavExtBho Class = D:\Program Files\Norton Antivirus\NavShExt.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4528BBE0-4E08-11D5-AD55-00010333D0AD}
=
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}
&Tip of the Day = %SystemRoot%\System32\shdocvw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} = Norton AntiVirus : D:\Program Files\Norton Antivirus\NavShExt.dll
{2318C2B1-4965-11d4-9B18-009027A5CD4F} = &Google : d:\program files\google\googletoolbar1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping
MenuText = :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
MenuText = Sun Java Console : D:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}
ButtonText = Research :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B13B4423-2647-4cfc-A4B3-C7D56CB83487}
ButtonText = Share in Hello :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}
ButtonText = Messenger : D:\Program Files\Messenger\msmsgs.exe

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{21569614-B795-46B1-85F4-E737A8DC09AD}
Shell Search Band = %SystemRoot%\system32\browseui.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478}
=
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{4528BBE0-4E08-11D5-AD55-00010333D0AD}
=
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}
File Search Explorer Band = %SystemRoot%\system32\SHELL32.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E61-B078-11D0-89E4-00C04FC9E26E}
Favorites Band = %SystemRoot%\System32\shdocvw.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E62-B078-11D0-89E4-00C04FC9E26E}
History Band = %SystemRoot%\System32\shdocvw.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E64-B078-11D0-89E4-00C04FC9E26E}
Explorer Band = %SystemRoot%\System32\shdocvw.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
{01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address : %SystemRoot%\System32\browseui.dll
{2318C2B1-4965-11D4-9B18-009027A5CD4F} = &Google : d:\program files\google\googletoolbar1.dll
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} = Norton AntiVirus : D:\Program Files\Norton Antivirus\NavShExt.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
{01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address : %SystemRoot%\System32\browseui.dll
{0E5CBF21-D15F-11D0-8301-00AA005B4383} = &Links : %SystemRoot%\system32\SHELL32.dll
{2318C2B1-4965-11D4-9B18-009027A5CD4F} = &Google : d:\program files\google\googletoolbar1.dll
{C109664B-CEB1-420B-B353-D55A561536DD} = :
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} = Norton AntiVirus : D:\Program Files\Norton Antivirus\NavShExt.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
WinFaxAppPortStarter wfxsnt40.exe
UserFaultCheck %systemroot%\system32\dumprep 0 -u
Symantec NetDriver Monitor D:\PROGRA~1\SYMNET~1\SNDMon.exe
SunJavaUpdateSched D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
NAV Agent D:\PROGRA~1\NORTON~2\navapw32.exe
IgfxTray D:\WINDOWS\System32\igfxtray.exe
HotKeysCmds D:\WINDOWS\System32\hkcmd.exe
Gtwatch D:\WINDOWS\gtwatch.exe
DownloadAccelerator D:\PROGRA~1\DAP\DAP.EXE /STARTUP
PowerS D:\WINDOWS\PowerS.exe
Nero DriveSpeed D:\PROGRA~1\Nero\NERO7~1\NEROTO~1\DRIVES~1.EXE
iamapp D:\Program Files\Norton Internet Security\IAMAPP.EXE
CallControl 4.5 D:\PROGRAM FILES\FAXTALK COMMUNICATOR\FTCtrl32.exe /autoload
TkBellExe "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
EPSON Stylus CX3800 Series D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE /P26 "EPSON Stylus CX3800 Series" /O6 "USB001" /M "Stylus CX3800"
NeroFilterCheck D:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
IMAIL Installed = 1
MAPI Installed = 1
MSFS Installed = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} "D:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
msnmsgr "D:\Program Files\MSN Messenger\msnmsgr.exe" /background

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
NeroHomeFirstStart D:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services
wfxsvc 2
Schedule 2
AudioSrv 2
AppMgmt 3
AOLService 2
AOL ACS 2
Adobe LM Service 3


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\D:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk
path D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
backup D:\WINDOWS\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup
location Common Startup
command
item Adobe Acrobat Speed Launcher
path D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
backup D:\WINDOWS\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup
location Common Startup
command
item Adobe Acrobat Speed Launcher

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\D:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk
path D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup D:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
location Common Startup
command D:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE
item Adobe Reader Speed Launch
path D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup D:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
location Common Startup
command D:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE
item Adobe Reader Speed Launch

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\D:^Documents and Settings^All Users^Start Menu^Programs^Startup^AOL 9.0 Tray Icon.lnk
path D:\Documents and Settings\All Users\Start Menu\Programs\Startup\AOL 9.0 Tray Icon.lnk
backup D:\WINDOWS\pss\AOL 9.0 Tray Icon.lnkCommon Startup
location Common Startup
command D:\PROGRA~1\AOL9~1.0A\aoltray.exe -check
item AOL 9.0 Tray Icon
path D:\Documents and Settings\All Users\Start Menu\Programs\Startup\AOL 9.0 Tray Icon.lnk
backup D:\WINDOWS\pss\AOL 9.0 Tray Icon.lnkCommon Startup
location Common Startup
command D:\PROGRA~1\AOL9~1.0A\aoltray.exe -check
item AOL 9.0 Tray Icon

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\D:^Documents and Settings^All Users^Start Menu^Programs^Startup^AOL Companion.lnk
path D:\Documents and Settings\All Users\Start Menu\Programs\Startup\AOL Companion.lnk
backup D:\WINDOWS\pss\AOL Companion.lnkCommon Startup
location Common Startup
command D:\PROGRA~1\AOLCOM~1\COMPAN~1.EXE /s
item AOL Companion
path D:\Documents and Settings\All Users\Start Menu\Programs\Startup\AOL Companion.lnk
backup D:\WINDOWS\pss\AOL Companion.lnkCommon Startup
location Common Startup
command D:\PROGRA~1\AOLCOM~1\COMPAN~1.EXE /s
item AOL Companion

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\D:^Documents and Settings^All Users^Start Menu^Programs^Startup^palstart.exe
path D:\Documents and Settings\All Users\Start Menu\Programs\Startup\palstart.exe
backup D:\WINDOWS\pss\palstart.exeCommon Startup
location Common Startup
command D:\Documents and Settings\All Users\Start Menu\Programs\Startup\palstart.exe
item palstart
path D:\Documents and Settings\All Users\Start Menu\Programs\Startup\palstart.exe
backup D:\WINDOWS\pss\palstart.exeCommon Startup
location Common Startup
command D:\Documents and Settings\All Users\Start Menu\Programs\Startup\palstart.exe
item palstart

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\D:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk
path D:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup D:\WINDOWS\pss\WinZip Quick Pick.lnkCommon Startup
location Common Startup
command C:\PROGRA~1\WinZip\WZQKPICK.EXE
item WinZip Quick Pick
path D:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup D:\WINDOWS\pss\WinZip Quick Pick.lnkCommon Startup
location Common Startup
command C:\PROGRA~1\WinZip\WZQKPICK.EXE
item WinZip Quick Pick

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item
hkey HKLM
command
inimapping 0


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Acrobat Assistant 7.0
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item Acrotray
hkey HKLM
command "D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
inimapping 0
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item Acrotray
hkey HKLM
command "D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
inimapping 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AOL Spyware Protection
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item AOLSP Scheduler
hkey HKLM
command "D:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
inimapping 0
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item AOLSP Scheduler
hkey HKLM
command "D:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
inimapping 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HOTFOON2
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item hotfoon5
hkey HKCU
command "D:\Documents and Settings\Administrator\My Documents\hotfoon5.exe" /h
inimapping 0
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item hotfoon5
hkey HKCU
command "D:\Documents and Settings\Administrator\My Documents\hotfoon5.exe" /h
inimapping 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MessengerPlus3
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item MsgPlus
hkey HKLM
command "D:\Program Files\MessengerPlus! 3\MsgPlus.exe"
inimapping 0
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item MsgPlus
hkey HKLM
command "D:\Program Files\MessengerPlus! 3\MsgPlus.exe"
inimapping 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item msnmsgr
hkey HKCU
command "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
inimapping 0
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item msnmsgr
hkey HKCU
command "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
inimapping 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item qttask
hkey HKLM
command "D:\Program Files\QuickTime\qttask.exe" -atboottime
inimapping 0
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item qttask
hkey HKLM
command "D:\Program Files\QuickTime\qttask.exe" -atboottime
inimapping 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item PDVDServ
hkey HKLM
command "D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
inimapping 0
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item PDVDServ
hkey HKLM
command "D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
inimapping 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item realsched
hkey HKLM
command "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
inimapping 0
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item realsched
hkey HKLM
command "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
inimapping 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Yahoo! Pager
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item ypager
hkey HKCU
command D:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
inimapping 0
key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item ypager
hkey HKCU
command D:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
inimapping 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state
system.ini 0
win.ini 0
bootini 0
services 2
startup 2


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} = D:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} =
{0DF44EAA-FF21-4412-828E-260A8728E7F1} =


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings
FileName0 D:\WINDOWS\system32\RSACi.rat
WarnOnOff 1


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings\.Default
Allow_Unknowns 0
PleaseMom 1
Enabled 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
dontdisplaylastusername 0
legalnoticecaption
legalnoticetext
shutdownwithoutlogon 1
undockwithoutlogon 1


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
NoDriveTypeAutoRun 145

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
uxikietro.exe D:\WINDOWS\system\uxikietro.exe
cwcmubjv.exe D:\WINDOWS\system\cwcmubjv.exe


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
PostBootReminder {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll
CDBurn {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll
WebCheck {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = %SystemRoot%\System32\webcheck.dll
SysTray {35CEC8A3-2BE6-11D2-8773-92E220524153} = D:\WINDOWS\System32\stobject.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = D:\WINDOWS\system32\userinit.exe,
Shell = explorer.exe
System =

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain
= crypt32.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet
= cryptnet.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll
= cscdll.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui
= igfxsrvc.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp
= wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule
= wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy
= sclgntfy.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn
= WlNotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv
= wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon
= wlnotify.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path
Debugger = ntsd -d

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
AppInit_DLLs MsgPlusLoader.dll


»»»»»»»»»»»»»»»»»»»»»»»» Scan Complete »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
WinPFind v1.4.1 - Log file written to "WinPFind.Txt" in the WinPFind folder.
Scan completed on 4/14/2006 8:10:43 AM
 
From having a brief look, you should completely uninstall norton internet security or any other norton products you are using. You could possibly have viruses on your PC as well...
 
My apologizes,i will take out all log once it is resolved,pls look my last 2 recent logs for your kind help.

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinFaxAppPortStarter"="wfxsnt40.exe"
"UserFaultCheck"="%systemroot%\\system32\\dumprep 0 -u"
"Symantec NetDriver Monitor"="D:\\PROGRA~1\\SYMNET~1\\SNDMon.exe"
"SunJavaUpdateSched"="D:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"NAV Agent"="D:\\PROGRA~1\\NORTON~2\\navapw32.exe"
"IgfxTray"="D:\\WINDOWS\\System32\\igfxtray.exe"
"HotKeysCmds"="D:\\WINDOWS\\System32\\hkcmd.exe"
"Gtwatch"="D:\\WINDOWS\\gtwatch.exe"
"DownloadAccelerator"="D:\\PROGRA~1\\DAP\\DAP.EXE /STARTUP"
"PowerS"="D:\\WINDOWS\\PowerS.exe"
"Nero DriveSpeed"="D:\\PROGRA~1\\Nero\\NERO7~1\\NEROTO~1\\DRIVES~1.EXE"
"iamapp"="D:\\Program Files\\Norton Internet Security\\IAMAPP.EXE"
"CallControl 4.5"="D:\\PROGRAM FILES\\FAXTALK COMMUNICATOR\\FTCtrl32.exe /autoload"
"TkBellExe"="\"D:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"EPSON Stylus CX3800 Series"="D:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATIACA.EXE /P26 \"EPSON Stylus CX3800 Series\" /O6 \"USB001\" /M \"Stylus CX3800\""
"NeroFilterCheck"="D:\\WINDOWS\\system32\\NeroCheck.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"

-----------------
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers


Subkey --- ewido
{57BD36D7-CE32-4600-9B1C-1A0C47EFC02E}
D:\Program Files\ewido\security suite\context.dll

Subkey --- fgqxggnn
{35905f7f-2f42-4a91-9866-a0387c70ccd5}
D:\WINDOWS\system32\urnsr.dll

Subkey --- Offline Files
{750fdf0e-2a26-11d1-a3ea-080036587f03}
D:\WINDOWS\System32\cscui.dll

Subkey --- Open With
{09799AFB-AD67-11d1-ABCD-00C04FC30936}
D:\WINDOWS\system32\SHELL32.dll

Subkey --- Open With EncryptionMenu
{A470F8CF-A1E8-4f65-8335-227475AA5C46}
D:\WINDOWS\system32\SHELL32.dll

Subkey --- Symantec.Norton.Antivirus.IEContextMenu
{5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2}
D:\Program Files\Norton Antivirus\NavShExt.dll

Subkey --- WinRAR
{B41DB860-8EE4-11D2-9906-E49FADC173CA}
D:\Program Files\WinRAR\rarext.dll

Subkey --- WinZip
{E0D79304-84BE-11CE-9641-444553540000}
C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

Subkey --- {a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
Start Menu Pin
D:\WINDOWS\system32\SHELL32.dll

Subkey --- {EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208}

D:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll

=====================

HKEY_CLASSES_ROOT\Folder\shellex\ColumnHandlers


Subkey --- {0D2E74C4-3C34-11d2-A27E-00C04FC30871}
D:\WINDOWS\system32\SHELL32.dll

Subkey --- {24F14F01-7B1C-11d1-838f-0000F80461CF}
D:\WINDOWS\system32\SHELL32.dll

Subkey --- {24F14F02-7B1C-11d1-838f-0000F80461CF}
D:\WINDOWS\system32\SHELL32.dll

Subkey --- {66742402-F9B9-11D1-A202-0000F81FEDEE}
D:\WINDOWS\system32\SHELL32.dll

Subkey --- {6EC11407-5B2E-4E25-8BDF-77445B52AB37}


Subkey --- {7D4D6379-F301-4311-BEBA-E26EB0561882}
D:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll

Subkey --- {F9DB5320-233E-11D1-9F84-707F02C10627}
D:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll

==============================
D:\Documents and Settings\All Users\Start Menu\Programs\Startup

desktop.ini
palstart.exe
==============================
D:\Documents and Settings\Administrator\Start Menu\Programs\Startup

desktop.ini
palstart.exe
desktop.ini
==============================
D:\WINDOWS\system32 cpl files


access.cpl Microsoft Corporation
appwiz.cpl Microsoft Corporation
bthprops.cpl Microsoft Corporation
desk.cpl Microsoft Corporation
firewall.cpl Microsoft Corporation
hdwwiz.cpl Microsoft Corporation
igfxcpl.cpl Intel Corporation
inetcpl.cpl Microsoft Corporation
intl.cpl Microsoft Corporation
irprops.cpl Microsoft Corporation
joy.cpl Microsoft Corporation
jpicpl32.cpl Sun Microsystems, Inc.
main.cpl Microsoft Corporation
mmsys.cpl Microsoft Corporation
ncpa.cpl Microsoft Corporation
netsetup.cpl Microsoft Corporation
nusrmgr.cpl Microsoft Corporation
nwc.cpl Microsoft Corporation
odbccp32.cpl Microsoft Corporation
powercfg.cpl Microsoft Corporation
QuickTime.cpl Apple Computer, Inc.
sysdm.cpl Microsoft Corporation
telephon.cpl Microsoft Corporation
timedate.cpl Microsoft Corporation
wscui.cpl Microsoft Corporation
wuaucpl.cpl Microsoft Corporation
 
Status
Not open for further replies.

Similar threads

A
checking e-mail from other accounts on a Gmail account
Replies
0
Views
3K
arncap
A
G
Task bar not responding after update
Replies
3
Views
1K
petergroft29
P
D
OneNote Section Does Not Open
2
Replies
10
Views
2K
Distant Equinox
D
D
"could not parse error", what should i do?
Replies
1
Views
1K
petergroft29
P
B
Gmail message sometimes doesn't open
Replies
2
Views
1K
TedCurran
T
Back
Top Bottom