Event submitted by Sang Kim
Event ID:

The explorer extension DLL SecretMalwareDLL (using file ieatfiles.dll) was removed from the registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify and will no longer be loaded into explorer.exe.

Solution by Sang Kim

2006-02-20 10:36:24 UTC

This event is logged by EventSentry when an explorer-extension dll file is removed from an autorun registry key.

Software Monitoring monitors autorun registry keys and installed software to notify you of applications that are automatically run when a user logs in or a system boots up.

You can configure this feature at "Packages -> System Health Packages -> Package Name -> Software Monitoring -> Monitor Autorun Locations".

User Information
Only an Email address is required for returning users.

Hide Name


Additional Links