1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Pop Ups repeatly occur after clearing them out

Discussion in 'Virus & Other Malware Removal' started by Narodnik, Feb 10, 2007.

Thread Status:
Not open for further replies.
Advertisement
  1. Narodnik

    Narodnik Thread Starter

    Joined:
    Feb 10, 2007
    Messages:
    18
    I've been getting pop ups - the same ones, persistent, after I clear them out using spybot search and destroy and ad aware. I have Bit Defender anti virus - and Registry Doctor as my registry clearnr.

    A friend gave me "HijackThis.exe" to run, make a log file and post on here for you to check, but Windows will not let me run it to get a log file. I can't run it.
     
  2. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    Try changing the name of HijackThis.exe to something like puppy.exe and see if it will run.
     
  3. Narodnik

    Narodnik Thread Starter

    Joined:
    Feb 10, 2007
    Messages:
    18
    Hijack This.exe - I can't change the name, there is no option to do that, nor can I copy and paste it - it won't move. I can't run it. Windows won't let me.
     
  4. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    Even if you right click on it and choose Rename?
     
  5. Narodnik

    Narodnik Thread Starter

    Joined:
    Feb 10, 2007
    Messages:
    18
    Yes. I renamed the zip file that hijackthis came in - and windows would not let me extract the files, not even that. I get a message saying the files can harm my computer and that windows has blocked it.
     
  6. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    Will it run in Safe Mode?
     
  7. Narodnik

    Narodnik Thread Starter

    Joined:
    Feb 10, 2007
    Messages:
    18
    Got it - I went to download hijack this from the internet instead of saving the exe file that someone sent me. HERE is the LOG

    Logfile of HijackThis v1.99.1
    Scan saved at 4:21:52 PM, on 2/16/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\System32\brsvc01a.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\brss01a.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\Program Files\Softwin\BitDefender10\bdmcon.exe
    C:\Program Files\Softwin\BitDefender10\bdagent.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\WINDOWS\System32\Wintab32.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
    C:\Program Files\EarthLink\spamBlocker\ELSBLaunch.exe
    C:\Program Files\Network Associates\PGPNT\PGPTray.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
    C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
    C:\Program Files\Softwin\BitDefender10\vsserv.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    c:\progra~1\intern~1\iexplore.exe
    C:\Program Files\BitComet\BitComet.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
    O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Adobe Acrobat Control for ActiveX - {CA8A9780-280D-11CF-A24D-444553540000} - C:\PROGRA~1\Adobe\ACROBA~1.0\Acrobat\ActiveX\pdf.ocx
    O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\en-us\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [SCDEmuApp.exe] C:\Program Files\PowerISO\SCDEmuApp.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: ELSBLaunch.lnk = C:\Program Files\EarthLink\spamBlocker\ELSBLaunch.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: PGPtray.lnk = C:\Program Files\Network Associates\PGPNT\PGPTray.exe
    O4 - Global Startup: ScanPanel.lnk = C:\ScanPanel\ScnPanel.exe
    O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
    O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
    O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/LSSupCtl.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
    O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...pple.com/mickey/us/win/QuickTimeInstaller.exe
    O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
    O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/04d7e2b9670ef43fe423/netzip/RdxIE601.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1127606518047
    O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://us-housecall.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
    O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - http://www.symantec.com/techsupp/asa/SymAData.cab
    O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
    O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
    O23 - Service: Wintab32 - Unknown owner - C:\WINDOWS\System32\Wintab32.exe
    O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
     
  8. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    Run ActiveScan online virus scan:
    http://www.pandasoftware.com/products/activescan.htm

    Once you are on the Panda site click the Scan your PC button.
    A new window will open...click the Check Now button.
    Enter your Country.
    Enter your State/Province.
    Enter your e-mail address and click send.
    Select either Home User or Company.
    Click the big Scan Now button.
    If it wants to install an ActiveX component allow it.
    It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
    When download is complete, click on My Computer to start the scan.
    When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location.
    Post the contents of the ActiveScan report.
     
  9. Narodnik

    Narodnik Thread Starter

    Joined:
    Feb 10, 2007
    Messages:
    18
    I posted the statistics from hijack this. This is no good? I went to Panda. Got as far as installing active X and a bunch of add-ons I didn't want - it updated or whatever it does. When it came time to click on the "my computer" icon - I got "error on page" and nothing happened.

    I can try again later, but this is beginning to be a royal pain.
     
  10. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    The Hijack This log is not showing much for me to work with. If you are getting pop ups, there's likely an underlying infection that is not visible in the log.

    Try this instead of Panda...

    Download WinPFind.exe to your desktop and double click on it open it and then select “extract” to extract the files. This will create a folder named WinPFind on your desktop.

    Start in Safe Mode Using the F8 method:

    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until the boot menu appears.
    • Use the arrow keys to select the Safe Mode menu item.
    • Press the Enter key.

    Double click on the WinPFind folder on your desktop to open it and then double click on the WinPFind.exe file to start the program.

    • Click “Configure scan options”
    • Under “Run AdOns” select the following:
      • Policies.def
      • Security.def
    • Click “apply”
    • Click "Start Scan"
    • It will scan the entire System, so please be patient and let it complete.


    When the scan is complete reboot normally and post the WinPFind.txt file (located in the WinPFind folder) back here along with a new Hijack This log.
     
  11. Narodnik

    Narodnik Thread Starter

    Joined:
    Feb 10, 2007
    Messages:
    18
    OK, there was no option to check anything "configure." There were two buttons, "run scan" and "exit." I ran the scan but did check ALL on what did show up to be checked. However, before posting the log - I checked on a hunch my latest virus definitions (Bit Defender) and noticed that it didn't update since 12/2006. I updated and noticed nothing happened. I then noticed that "auto update" was shut off - and I have NO idea how that happened. I installed "weekly update" from their site, updated and ran a BD scan - finding 8 viruses caused by 2 trojans. namepoketick.exe
    infected with Trojan.FatObfus.Gen and some other one, can't find the name of it in the logs and don't remember it. That got fixed. I contacted BD to find out how the auto update shut off. It auto scans weekly and had been doing that and finding nothing. This might have been my problem all along. How auto update shut down is a mystery thus far until they get back to me on that. IS IT POSSIBLE that downloading HUGE files and taking up a lot of bandwidth? - enough to seriously slow down email sending (unless I put the downloads on stop or pause) - could that have caused BD update to shut down if they couldn't get thru? I noticed that windows update didn't get thru on auto download/install, I had to go get latest updates. Could that cause BD auto update to shut off?

    Here is the winpfind LOG. Below that is the hijack this log. I have to make this in more than one post, your server is saying it's too long. Here goes.

    WinPFind logfile created on: 2/17/2007 12:51:05 PM
    WinPFind by OldTimer - v2.0.1 Folder = C:\Documents and Settings\Administrator\Desktop\WinPFind\

    »»»»»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»

    Product Name: Microsoft Windows XP Service Pack 2 | Version: 5.1.2600
    Internet Explorer Version: 7.0.5730.11

    »»»»»»»»»»»»»»»»»»»» Memory/Drive Info »»»»»»»»»»»»»»»»»»»»»»»»»»

    228848 Kb Total Physical Memory | 84628 Kb Available Physical Memory | 36.98% Memory free
    596676 Kb Paging File | 506748 Kb Available in Paging File | 84.93% Paging File free
    Paging file location: c:\pagefile.sys 372 744

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 39070048 Kb Total Space | 26293248 Kb Free Space | 67.30% Space Free
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded

    »»»»»»»»»»»»»»»»»»»» Running Processes (All) »»»»»»»»»»»»»»»»»»

    C:\Documents and Settings\Administrator\Desktop\WinPFind\WinPFind.exe ()
    C:\WINDOWS\explorer.exe (Microsoft Corporation)
    C:\WINDOWS\system32\csrss.exe (Microsoft Corporation)
    C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
    C:\WINDOWS\system32\services.exe (Microsoft Corporation)
    C:\WINDOWS\system32\smss.exe (Microsoft Corporation)
    C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
    C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
    C:\WINDOWS\system32\winlogon.exe (Microsoft Corporation)

    »»»»»»»»»»»»»»»»»»»» Win32 Services (All) »»»»»»»»»»»»»»»»»»»»»

    (Alerter) Alerter [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (ALG) Application Layer Gateway Service [Win32_Own | Disabled | Stopped]
    = C:\WINDOWS\system32\alg.exe (Microsoft Corporation)

    (AppMgmt) Application Management [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (aspnet_state) ASP.NET State Service [Win32_Own | Disabled | Stopped]
    = C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)

    (AudioSrv) Windows Audio [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (Automatic LiveUpdate Scheduler) Automatic LiveUpdate Scheduler [Win32_Own | Disabled | Stopped]
    = C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)

    (bdss) BitDefender Scan Server [Win32_Own | Disabled | Stopped]
    = C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe ()

    (BITS) Background Intelligent Transfer Service [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (Brother XP spl Service) BrSplService [Win32_Own | Disabled | Stopped]
    = C:\WINDOWS\system32\BRSVC01A.EXE (brother Industries Ltd)

    (Browser) Computer Browser [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (cisvc) Indexing Service [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\cisvc.exe (Microsoft Corporation)

    (ClipSrv) ClipBook [Win32_Own | Disabled | Stopped]
    = C:\WINDOWS\system32\clipsrv.exe (Microsoft Corporation)

    (clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [Win32_Own | Disabled | Stopped]
    = C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

    (COMSysApp) COM+ System Application [Win32_Own | Disabled | Stopped]
    = C:\WINDOWS\system32\dllhost.exe (Microsoft Corporation)

    (CryptSvc) Cryptographic Services [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (DcomLaunch) DCOM Server Process Launcher [Win32_Shared | Auto | Running]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (Dhcp) DHCP Client [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\dmadmin.exe (Microsoft Corp., Veritas Software)

    (dmserver) Logical Disk Manager [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (Dnscache) DNS Client [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (ERSvc) Error Reporting Service [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (Eventlog) Event Log [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\services.exe (Microsoft Corporation)

    (EventSystem) COM+ Event System [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (FastUserSwitchingCompatibility) Fast User Switching Compatibility [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (gusvc) Google Updater Service [Win32_Own | Disabled | Stopped]
    = C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)

    (helpsvc) Help and Support [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (HidServ) Human Interface Device Access [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (HTTPFilter) HTTP SSL [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (IDriverT) InstallDriver Table Manager [Win32_Own | Disabled | Stopped]
    = C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)

    (ImapiService) IMAPI CD-Burning COM Service [Win32_Own | Disabled | Stopped]
    = C:\WINDOWS\system32\imapi.exe (Microsoft Corporation)

    (InCDsrv) InCD Helper [Win32_Own | Disabled | Stopped]
    = C:\Program Files\Ahead\InCD\InCDsrv.exe (Nero AG)

    (iPodService) iPodService [Win32_Own | Disabled | Stopped]
    = C:\Program Files\iPod\bin\iPodService.exe (Apple Computer, Inc.)

    (lanmanserver) Server [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (lanmanworkstation) Workstation [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (LIVESRV) BitDefender Desktop Update Service [Win32_Own | Disabled | Stopped]
    = C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe (SOFTWIN S.R.L.)

    (LmHosts) TCP/IP NetBIOS Helper [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (MDM) Machine Debug Manager [Win32_Own | Disabled | Stopped]
    = C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation)

    (Messenger) Messenger [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (mnmsrvc) NetMeeting Remote Desktop Sharing [Win32_Own | Disabled | Stopped]
    = C:\WINDOWS\system32\mnmsrvc.exe (Microsoft Corporation)

    (MSDTC) Distributed Transaction Coordinator [Win32_Own | Disabled | Stopped]
    = C:\WINDOWS\system32\msdtc.exe (Microsoft Corporation)

    (MSIServer) Windows Installer [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\msiexec.exe (Microsoft Corporation)

    (NetDDE) Network DDE [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\netdde.exe (Microsoft Corporation)

    (NetDDEdsdm) Network DDE DSDM [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\netdde.exe (Microsoft Corporation)

    (Netlogon) Net Logon [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)

    (Netman) Network Connections [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (Nla) Network Location Awareness (NLA) [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (NtLmSsp) NT LM Security Support Provider [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)

    (NtmsSvc) Removable Storage [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (PlugPlay) Plug and Play [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\services.exe (Microsoft Corporation)

    (PolicyAgent) IPSEC Services [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)

    (ProtectedStorage) Protected Storage [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)

    (RasAuto) Remote Access Auto Connection Manager [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (RasMan) Remote Access Connection Manager [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (RDSessMgr) Remote Desktop Help Session Manager [Win32_Own | Disabled | Stopped]
    = C:\WINDOWS\system32\sessmgr.exe (Microsoft Corporation)

    (RemoteAccess) Routing and Remote Access [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (RemoteRegistry) Remote Registry [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (RpcLocator) Remote Procedure Call (RPC) Locator [Win32_Own | On_Demand | Stopped]
    = C:\WINDOWS\system32\locator.exe (Microsoft Corporation)

    (RpcSs) Remote Procedure Call (RPC) [Win32_Shared | Auto | Running]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (RSVP) QoS RSVP [Win32_Own | Disabled | Stopped]
    = C:\WINDOWS\system32\rsvp.exe (Microsoft Corporation)

    (SamSs) Security Accounts Manager [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)

    (SCardSvr) Smart Card [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\scardsvr.exe (Microsoft Corporation)

    (Schedule) Task Scheduler [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (seclogon) Secondary Logon [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (SENS) System Event Notification [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (SharedAccess) Windows Firewall/Internet Connection Sharing (ICS) [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (ShellHWDetection) Shell Hardware Detection [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (Spooler) Print Spooler [Win32_Own | Disabled | Stopped]
    = C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation)

    (srservice) System Restore Service [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (SSDPSRV) SSDP Discovery Service [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (stisvc) Windows Image Acquisition (WIA) [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (SwPrv) MS Software Shadow Copy Provider [Win32_Own | Disabled | Stopped]
    = C:\WINDOWS\system32\dllhost.exe (Microsoft Corporation)

    (SysmonLog) Performance Logs and Alerts [Win32_Own | Disabled | Stopped]
    = C:\WINDOWS\system32\smlogsvc.exe (Microsoft Corporation)

    (TapiSrv) Telephony [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (TermService) Terminal Services [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (Themes) Themes [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (TlntSvr) Telnet [Win32_Own | Disabled | Stopped]
    = C:\WINDOWS\system32\tlntsvr.exe (Microsoft Corporation)

    (TrkWks) Distributed Link Tracking Client [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (upnphost) Universal Plug and Play Device Host [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (UPS) Uninterruptible Power Supply [Win32_Own | Disabled | Stopped]
    = C:\WINDOWS\system32\ups.exe (Microsoft Corporation)

    (VSS) Volume Shadow Copy [Win32_Own | Disabled | Stopped]
    = C:\WINDOWS\system32\vssvc.exe (Microsoft Corporation)

    (VSSERV) BitDefender Virus Shield [Win32_Own | Disabled | Stopped]
    = C:\Program Files\Softwin\BitDefender10\vsserv.exe (SOFTWIN S.R.L.)

    (W32Time) Windows Time [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (WebClient) WebClient [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (winmgmt) Windows Management Instrumentation [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (Wintab32) Wintab32 [Win32_Own | Disabled | Stopped]
    = C:\WINDOWS\system32\wintab32.exe ()

    (WmdmPmSN) Portable Media Serial Number Service [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (Wmi) Windows Management Instrumentation Driver Extensions [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (WmiApSrv) WMI Performance Adapter [Win32_Own | Disabled | Stopped]
    = C:\WINDOWS\system32\wbem\wmiapsrv.exe (Microsoft Corporation)

    (WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | Disabled | Stopped]
    = C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)

    (wscsvc) Security Center [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (wuauserv) Automatic Updates [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (WudfSvc) Windows Driver Foundation - User-mode Driver Framework [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (WZCSVC) Wireless Zero Configuration [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    (XCOMM) BitDefender Communicator [Win32_Own | Disabled | Stopped]
    = C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe (Softwin)

    (xmlprov) Network Provisioning Service [Win32_Shared | Disabled | Stopped]
    = C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)

    »»»»»»»»»»»»»»»»»»»» Driver Services (All) »»»»»»»»»»»»»»»»»»»»

    (Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped]
    = (File not found)

    (abp480n5) abp480n5 [Kernel | Disabled | Stopped]
    = (File not found)

    (ACPI) Microsoft ACPI Driver [Kernel | Boot | Running]
    = C:\WINDOWS\system32\drivers\acpi.sys (Microsoft Corporation)

    (ACPIEC) ACPIEC [Kernel | Disabled | Stopped]
    = C:\WINDOWS\System32\drivers\acpiec.sys (Microsoft Corporation)

    (adpu160m) adpu160m [Kernel | Disabled | Stopped]
    = (File not found)

    (aec) Microsoft Kernel Acoustic Echo Canceller [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\aec.sys (Microsoft Corporation)

    (AFD) AFD Networking Support Environment [Kernel | System | Running]
    = C:\WINDOWS\system32\drivers\afd.sys (Microsoft Corporation)

    (Aha154x) Aha154x [Kernel | Disabled | Stopped]
    = (File not found)

    (aic78u2) aic78u2 [Kernel | Disabled | Stopped]
    = (File not found)

    (aic78xx) aic78xx [Kernel | Disabled | Stopped]
    = (File not found)

    (AliIde) AliIde [Kernel | Disabled | Stopped]
    = (File not found)

    (AmdK7) AMD K7 Processor Driver [Kernel | System | Stopped]
    = C:\WINDOWS\system32\drivers\amdk7.sys (Microsoft Corporation)

    (amsint) amsint [Kernel | Disabled | Stopped]
    = (File not found)

    (asc) asc [Kernel | Disabled | Stopped]
    = (File not found)

    (asc3350p) asc3350p [Kernel | Disabled | Stopped]
    = (File not found)

    (asc3550) asc3550 [Kernel | Disabled | Stopped]
    = (File not found)

    (AsyncMac) RAS Asynchronous Media Driver [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\asyncmac.sys (Microsoft Corporation)

    (atapi) Standard IDE/ESDI Hard Disk Controller [Kernel | Boot | Running]
    = C:\WINDOWS\system32\drivers\atapi.sys (Microsoft Corporation)

    (Atdisk) Atdisk [Kernel | Disabled | Stopped]
    = (File not found)

    (Atmarpc) ATM ARP Client Protocol [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\atmarpc.sys (Microsoft Corporation)

    (audstub) Audio Stub Driver [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\audstub.sys (Microsoft Corporation)

    (bdfdll) bdfdll [Kernel | On_Demand | Stopped]
    = C:\Program Files\Softwin\BitDefender10\bdfdll.sys ()

    (BDFSDRV) BDFSDRV [Kernel | On_Demand | Stopped]
    = C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys ()

    (BDRSDRV) BDRSDRV [Kernel | Auto | Running]
    = C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys ()

    (Beep) Beep [Kernel | System | Running]
    = C:\WINDOWS\System32\drivers\beep.sys (Microsoft Corporation)

    (BrPar) BrPar [Kernel | Auto | Running]
    = C:\WINDOWS\system32\drivers\BRPAR.SYS (Brother Industries Ltd.)

    (cbidf2k) cbidf2k [Kernel | Disabled | Stopped]
    = C:\WINDOWS\System32\drivers\cbidf2k.sys (Microsoft Corporation)

    (cd20xrnt) cd20xrnt [Kernel | Disabled | Stopped]
    = (File not found)

    (Cdaudio) Cdaudio [Kernel | System | Stopped]
    = C:\WINDOWS\System32\drivers\cdaudio.sys (Microsoft Corporation)

    (Cdfs) Cdfs [File_System | Disabled | Running]
    = C:\WINDOWS\System32\drivers\cdfs.sys (Microsoft Corporation)

    (Cdrom) CD-ROM Driver [Kernel | System | Running]
    = C:\WINDOWS\system32\drivers\cdrom.sys (Microsoft Corporation)

    (Changer) Changer [Kernel | System | Stopped]
    = (File not found)

    (CmdIde) CmdIde [Kernel | Disabled | Stopped]
    = (File not found)

    (cmuda) C-Media WDM Audio Interface [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\cmuda.sys (C-Media Inc)

    (Cpqarray) Cpqarray [Kernel | Disabled | Stopped]
    = (File not found)

    (dac960nt) dac960nt [Kernel | Disabled | Stopped]
    = (File not found)

    (Disk) Disk Driver [Kernel | Boot | Running]
    = C:\WINDOWS\system32\drivers\disk.sys (Microsoft Corporation)

    (dmboot) dmboot [Kernel | Disabled | Stopped]
    = C:\WINDOWS\system32\drivers\dmboot.sys (Microsoft Corp., Veritas Software)

    (dmio) Logical Disk Manager Driver [Kernel | Boot | Running]
    = C:\WINDOWS\system32\drivers\dmio.sys (Microsoft Corp., Veritas Software)

    (dmload) dmload [Kernel | Boot | Running]
    = C:\WINDOWS\System32\drivers\dmload.sys (Microsoft Corp., Veritas Software.)

    (DMusic) Microsoft Kernel DLS Syntheiszer [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\dmusic.sys (Microsoft Corporation)

    (dpti2o) dpti2o [Kernel | Disabled | Stopped]
    = (File not found)

    (drmkaud) Microsoft Kernel DRM Audio Descrambler [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\drmkaud.sys (Microsoft Corporation)

    (Fastfat) Fastfat [File_System | Disabled | Running]
    = C:\WINDOWS\System32\drivers\fastfat.sys (Microsoft Corporation)

    (Fdc) Floppy Disk Controller Driver [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\fdc.sys (Microsoft Corporation)

    (Fips) Fips [Kernel | System | Running]
    = C:\WINDOWS\System32\drivers\fips.sys (Microsoft Corporation)

    (Flpydisk) Floppy Disk Driver [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\flpydisk.sys (Microsoft Corporation)

    (FltMgr) FltMgr [File_System | Boot | Running]
    = C:\WINDOWS\system32\drivers\fltmgr.sys (Microsoft Corporation)

    (Ftdisk) Volume Manager Driver [Kernel | Boot | Running]
    = C:\WINDOWS\system32\drivers\ftdisk.sys (Microsoft Corporation)

    (gameenum) Game Port Enumerator [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)

    (GEARAspiWDM) GEARAspiWDM [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\GEARAspiWDM.sys (GEAR Software Inc.)

    (Gpc) Generic Packet Classifier [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\msgpc.sys (Microsoft Corporation)

    (HidUsb) Microsoft HID Class Driver [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\hidusb.sys (Microsoft Corporation)

    (hpn) hpn [Kernel | Disabled | Stopped]
    = (File not found)

    (hpt3xx) hpt3xx [Kernel | Disabled | Stopped]
    = (File not found)

    (HTTP) HTTP [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\http.sys (Microsoft Corporation)

    (i2omgmt) i2omgmt [Kernel | System | Stopped]
    = (File not found)

    (i2omp) i2omp [Kernel | Disabled | Stopped]
    = (File not found)

    (i8042prt) i8042 Keyboard and PS/2 Mouse Port Driver [Kernel | System | Running]
    = C:\WINDOWS\system32\drivers\i8042prt.sys (Microsoft Corporation)

    (Imapi) CD-Burning Filter Driver [Kernel | System | Running]
    = C:\WINDOWS\system32\drivers\imapi.sys (Microsoft Corporation)
     
  12. Narodnik

    Narodnik Thread Starter

    Joined:
    Feb 10, 2007
    Messages:
    18
    (InCDfs) InCD File System [File_System | Disabled | Running]
    = C:\WINDOWS\System32\drivers\InCDfs.sys (Nero AG)

    (InCDPass) InCDPass [Kernel | System | Running]
    = C:\WINDOWS\system32\drivers\InCDpass.sys (Nero AG)

    (incdrm) InCD Reader [Kernel | System | Running]
    = C:\WINDOWS\System32\drivers\InCDrm.sys (Nero AG)

    (ini910u) ini910u [Kernel | Disabled | Stopped]
    = (File not found)

    (IntelIde) IntelIde [Kernel | Disabled | Stopped]
    = (File not found)

    (Ip6Fw) IPv6 Windows Firewall Driver [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\ip6fw.sys (Microsoft Corporation)

    (IpFilterDriver) IP Traffic Filter Driver [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\ipfltdrv.sys (Microsoft Corporation)

    (IpInIp) IP in IP Tunnel Driver [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\ipinip.sys (Microsoft Corporation)

    (IpNat) IP Network Address Translator [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\ipnat.sys (Microsoft Corporation)

    (IPSec) IPSEC driver [Kernel | System | Running]
    = C:\WINDOWS\system32\drivers\ipsec.sys (Microsoft Corporation)

    (IRENUM) IR Enumerator Service [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\irenum.sys (Microsoft Corporation)

    (isapnp) PnP ISA/EISA Bus Driver [Kernel | Boot | Running]
    = C:\WINDOWS\system32\drivers\isapnp.sys (Microsoft Corporation)

    (Kbdclass) Keyboard Class Driver [Kernel | System | Running]
    = C:\WINDOWS\system32\drivers\kbdclass.sys (Microsoft Corporation)

    (kmixer) Microsoft Kernel Wave Audio Mixer [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\kmixer.sys (Microsoft Corporation)

    (KSecDD) KSecDD [Kernel | Boot | Running]
    = C:\WINDOWS\System32\drivers\ksecdd.sys (Microsoft Corporation)

    (L8042pr2) Logitech PS/2 Mouse Filter Driver [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\L8042pr2.Sys (Logitech, Inc.)

    (lbrtfdc) lbrtfdc [Kernel | System | Stopped]
    = (File not found)

    (LMouFlt2) Logitech Mouse Class Filter Driver [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\LMouFlt2.Sys (Logitech, Inc.)

    (mnmdd) mnmdd [Kernel | System | Running]
    = C:\WINDOWS\System32\drivers\mnmdd.sys (Microsoft Corporation)

    (Modem) Modem [Kernel | On_Demand | Running]
    = C:\WINDOWS\System32\drivers\modem.sys (Microsoft Corporation)

    (Mouclass) Mouse Class Driver [Kernel | System | Running]
    = C:\WINDOWS\system32\drivers\mouclass.sys (Microsoft Corporation)

    (mouhid) Mouse HID Driver [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\mouhid.sys (Microsoft Corporation)

    (MountMgr) Mount Point Manager [Kernel | Boot | Running]
    = C:\WINDOWS\System32\drivers\mountmgr.sys (Microsoft Corporation)

    (mraid35x) mraid35x [Kernel | Disabled | Stopped]
    = (File not found)

    (MRxDAV) WebDav Client Redirector [File_System | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\mrxdav.sys (Microsoft Corporation)

    (MRxSmb) MRxSmb [File_System | System | Running]
    = C:\WINDOWS\system32\drivers\mrxsmb.sys (Microsoft Corporation)

    (Msfs) Msfs [File_System | System | Running]
    = C:\WINDOWS\System32\drivers\msfs.sys (Microsoft Corporation)

    (MSKSSRV) Microsoft Streaming Service Proxy [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\mskssrv.sys (Microsoft Corporation)

    (MSPCLOCK) Microsoft Streaming Clock Proxy [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\mspclock.sys (Microsoft Corporation)

    (MSPQM) Microsoft Streaming Quality Manager Proxy [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\mspqm.sys (Microsoft Corporation)

    (mssmbios) Microsoft System Management BIOS Driver [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\mssmbios.sys (Microsoft Corporation)

    (ms_mpu401) Microsoft MPU-401 MIDI UART Driver [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)

    (Mup) Mup [File_System | Boot | Running]
    = C:\WINDOWS\System32\drivers\mup.sys (Microsoft Corporation)

    (NDIS) NDIS System Driver [Kernel | Boot | Running]
    = C:\WINDOWS\System32\drivers\ndis.sys (Microsoft Corporation)

    (NdisTapi) Remote Access NDIS TAPI Driver [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\ndistapi.sys (Microsoft Corporation)

    (Ndisuio) NDIS Usermode I/O Protocol [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\ndisuio.sys (Microsoft Corporation)

    (NdisWan) Remote Access NDIS WAN Driver [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\ndiswan.sys (Microsoft Corporation)

    (NDProxy) NDIS Proxy [Kernel | On_Demand | Running]
    = C:\WINDOWS\System32\drivers\ndproxy.sys (Microsoft Corporation)

    (NetBIOS) NetBIOS Interface [File_System | System | Running]
    = C:\WINDOWS\system32\drivers\netbios.sys (Microsoft Corporation)

    (NetBT) NetBT [Kernel | System | Running]
    = C:\WINDOWS\system32\drivers\netbt.sys (Microsoft Corporation)

    (Npfs) Npfs [File_System | System | Running]
    = C:\WINDOWS\System32\drivers\npfs.sys (Microsoft Corporation)

    (Ntfs) Ntfs [File_System | Disabled | Running]
    = C:\WINDOWS\System32\drivers\ntfs.sys (Microsoft Corporation)

    (Null) Null [Kernel | System | Running]
    = C:\WINDOWS\System32\drivers\null.sys (Microsoft Corporation)

    (NwlnkFlt) IPX Traffic Filter Driver [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\nwlnkflt.sys (Microsoft Corporation)

    (NwlnkFwd) IPX Traffic Forwarder Driver [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\nwlnkfwd.sys (Microsoft Corporation)

    (Parport) Parallel port driver [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\parport.sys (Microsoft Corporation)

    (PartMgr) Partition Manager [Kernel | Boot | Running]
    = C:\WINDOWS\System32\drivers\partmgr.sys (Microsoft Corporation)

    (ParVdm) ParVdm [Kernel | Auto | Running]
    = C:\WINDOWS\System32\drivers\parvdm.sys (Microsoft Corporation)

    (PCI) PCI Bus Driver [Kernel | Boot | Running]
    = C:\WINDOWS\system32\drivers\pci.sys (Microsoft Corporation)

    (PCIDump) PCIDump [Kernel | System | Stopped]
    = (File not found)

    (PCIIde) PCIIde [Kernel | Boot | Running]
    = C:\WINDOWS\system32\drivers\pciide.sys (Microsoft Corporation)

    (Pcmcia) Pcmcia [Kernel | Disabled | Stopped]
    = C:\WINDOWS\System32\drivers\pcmcia.sys (Microsoft Corporation)

    (Pcouffin) VSO Software pcouffin [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\pcouffin.sys (VSO Software)

    (PDCOMP) PDCOMP [Kernel | On_Demand | Stopped]
    = (File not found)

    (PDFRAME) PDFRAME [Kernel | On_Demand | Stopped]
    = (File not found)

    (PDRELI) PDRELI [Kernel | On_Demand | Stopped]
    = (File not found)

    (PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped]
    = (File not found)

    (perc2) perc2 [Kernel | Disabled | Stopped]
    = (File not found)

    (perc2hib) perc2hib [Kernel | Disabled | Stopped]
    = (File not found)

    (PGPmemlock) PGPmemlock [Kernel | Auto | Running]
    = C:\WINDOWS\system32\drivers\PGPmemlock.sys (Network Associates, Inc.)

    (PptpMiniport) WAN Miniport (PPTP) [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\raspptp.sys (Microsoft Corporation)

    (Processor) Processor Driver [Kernel | System | Running]
    = C:\WINDOWS\system32\drivers\processr.sys (Microsoft Corporation)

    (Profos) Profos [Kernel | On_Demand | Stopped]
    = C:\Program Files\Softwin\BitDefender10\profos.sys ()

    (PSched) QoS Packet Scheduler [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\psched.sys (Microsoft Corporation)

    (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)

    (ql1080) ql1080 [Kernel | Disabled | Stopped]
    = (File not found)

    (Ql10wnt) Ql10wnt [Kernel | Disabled | Stopped]
    = (File not found)

    (ql12160) ql12160 [Kernel | Disabled | Stopped]
    = (File not found)

    (ql1240) ql1240 [Kernel | Disabled | Stopped]
    = (File not found)

    (ql1280) ql1280 [Kernel | Disabled | Stopped]
    = (File not found)

    (QV2KUX) Casio Digital Camera [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\qv2kux.sys (Microsoft Corporation)

    (RasAcd) Remote Access Auto Connection Driver [Kernel | System | Running]
    = C:\WINDOWS\system32\drivers\rasacd.sys (Microsoft Corporation)

    (Rasl2tp) WAN Miniport (L2TP) [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\rasl2tp.sys (Microsoft Corporation)

    (RasPppoe) Remote Access PPPOE Driver [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\raspppoe.sys (Microsoft Corporation)

    (Raspti) Direct Parallel [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\raspti.sys (Microsoft Corporation)

    (Rdbss) Rdbss [File_System | System | Running]
    = C:\WINDOWS\system32\drivers\rdbss.sys (Microsoft Corporation)

    (RDPCDD) RDPCDD [Kernel | System | Running]
    = C:\WINDOWS\system32\drivers\rdpcdd.sys (Microsoft Corporation)

    (rdpdr) Terminal Server Device Redirector Driver [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\rdpdr.sys (Microsoft Corporation)

    (RDPWD) RDPWD [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\System32\drivers\rdpwd.sys (Microsoft Corporation)

    (redbook) Digital CD Audio Playback Filter Driver [Kernel | System | Running]
    = C:\WINDOWS\system32\drivers\redbook.sys (Microsoft Corporation)

    (ROOTMODEM) Microsoft Legacy Modem Driver [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\rootmdm.sys (Microsoft Corporation)

    (SCDEmu) SCDEmu [Kernel | System | Running]
    = C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)

    (Secdrv) Secdrv [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\secdrv.sys ()

    (serenum) Serenum Filter Driver [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\serenum.sys (Microsoft Corporation)

    (Serial) Serial port driver [Kernel | System | Running]
    = C:\WINDOWS\system32\drivers\serial.sys (Microsoft Corporation)

    (Sfloppy) Sfloppy [Kernel | System | Stopped]
    = C:\WINDOWS\System32\drivers\sfloppy.sys (Microsoft Corporation)

    (Simbad) Simbad [Kernel | Disabled | Stopped]
    = (File not found)

    (SiS315) SiS315 [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\sisgrp.sys (Silicon Integrated Systems Corporation)

    (sisagp) SiS AGP Filter [Kernel | Boot | Running]
    = C:\WINDOWS\system32\drivers\SISAGPX.SYS (Silicon Integrated Systems Corporation)

    (SiSkp) SiSkp [Kernel | System | Running]
    = C:\WINDOWS\system32\drivers\srvkp.sys ()

    (SISNIC) SiS PCI Fast Ethernet Adapter Driver [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\sisnic.sys (SiS Corporation)

    (Sparrow) Sparrow [Kernel | Disabled | Stopped]
    = (File not found)

    (splitter) Microsoft Kernel Audio Splitter [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\splitter.sys (Microsoft Corporation)

    (sr) System Restore Filter Driver [File_System | Boot | Running]
    = C:\WINDOWS\system32\drivers\sr.sys (Microsoft Corporation)

    (Srv) Srv [File_System | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\srv.sys (Microsoft Corporation)




    (swenum) Software Bus Driver [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\swenum.sys (Microsoft Corporation)

    (swmidi) Microsoft Kernel GS Wavetable Synthesizer [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\swmidi.sys (Microsoft Corporation)

    (symc810) symc810 [Kernel | Disabled | Stopped]
    = (File not found)

    (symc8xx) symc8xx [Kernel | Disabled | Stopped]
    = (File not found)

    (sym_hi) sym_hi [Kernel | Disabled | Stopped]
    = (File not found)

    (sym_u3) sym_u3 [Kernel | Disabled | Stopped]
    = (File not found)

    (sysaudio) Microsoft Kernel System Audio Device [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\sysaudio.sys (Microsoft Corporation)

    (tbhsd) Tunebite High-Speed Dubbing [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\tbhsd.sys (RapidSolution Software AG)

    (Tcpip) TCP/IP Protocol Driver [Kernel | System | Running]
    = C:\WINDOWS\system32\drivers\TCPIP.SYS (Microsoft Corporation)

    (TDPIPE) TDPIPE [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\System32\drivers\tdpipe.sys (Microsoft Corporation)

    (TDTCP) TDTCP [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\System32\drivers\tdtcp.sys (Microsoft Corporation)

    (TermDD) Terminal Device Driver [Kernel | System | Running]
    = C:\WINDOWS\system32\drivers\termdd.sys (Microsoft Corporation)

    (TosIde) TosIde [Kernel | Disabled | Stopped]
    = (File not found)

    (Trufos) Trufos [Kernel | On_Demand | Stopped]
    = C:\Program Files\Softwin\BitDefender10\trufos.sys ()

    (Udfs) Udfs [File_System | Disabled | Stopped]
    = C:\WINDOWS\System32\drivers\udfs.sys (Microsoft Corporation)

    (ultra) ultra [Kernel | Disabled | Stopped]
    = (File not found)

    (Update) Microcode Update Driver [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\update.sys (Microsoft Corporation)

    (usbehci) Microsoft USB 2.0 Enhanced Host Controller Miniport Driver [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\usbehci.sys (Microsoft Corporation)

    (usbhub) Microsoft USB Standard Hub Driver [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\usbhub.sys (Microsoft Corporation)

    (usbohci) Microsoft USB Open Host Controller Miniport Driver [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\usbohci.sys (Microsoft Corporation)

    (usbprint) Microsoft USB PRINTER Class [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\usbprint.sys (Microsoft Corporation)

    (usbscan) USB Scanner Driver [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\usbscan.sys (Microsoft Corporation)

    (USBSTOR) USB Mass Storage Driver [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\usbstor.sys (Microsoft Corporation)

    (VgaSave) VGA Display Controller. [Kernel | System | Running]
    = C:\WINDOWS\system32\drivers\vga.sys (Microsoft Corporation)

    (ViaIde) ViaIde [Kernel | Disabled | Stopped]
    = (File not found)

    (VolSnap) VolSnap [Kernel | Boot | Running]
    = C:\WINDOWS\System32\drivers\volsnap.sys (Microsoft Corporation)

    (W2kbhid) KBGear Tablet (USB) [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\w2kbhid.sys (LCS/Telegraphics)

    (Wanarp) Remote Access IP ARP Driver [Kernel | On_Demand | Running]
    = C:\WINDOWS\system32\drivers\wanarp.sys (Microsoft Corporation)

    (WDICA) WDICA [Kernel | On_Demand | Stopped]
    = (File not found)

    (wdmaud) Microsoft WINMM WDM Audio Compatibility Driver [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\wdmaud.sys (Microsoft Corporation)

    (Wtcls2k) Wtcls2k [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\wtcls2k.sys (LCS/Telegraphics)

    (WudfPf) Windows Driver Foundation - User-mode Driver Framework Platform Driver [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\WudfPf.sys (Microsoft Corporation)

    (WudfRd) Windows Driver Foundation - User-mode Driver Framework Reflector [Kernel | On_Demand | Stopped]
    = C:\WINDOWS\system32\drivers\WudfRd.sys (Microsoft Corporation)

    »»»»»»»»»»»»»»»»»»»» Registry Items (All) »»»»»»»»»»»»»»»»»»»»»

    >>>>> Run Keys and Auto-Start Folders <<<<<

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    MSConfig = C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\msconfig.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]*

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
    Installed = 1
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
    Installed = 1
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
    Installed = 1
     
  13. Narodnik

    Narodnik Thread Starter

    Joined:
    Feb 10, 2007
    Messages:
    18
    < Common Startup Folder = C:\Documents and Settings\All Users\Start Menu\Programs\Startup >
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini ()

    < User Startup Folder = C:\Documents and Settings\Administrator\Start Menu\Programs\Startup >
    C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\desktop.ini ()

    >>>>> MsConfig Disabled Items <<<<<

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig]*

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services]
    LiveUpdate = 3
    A1Monitor482391118 = 2
    xmlprov = 3
    XCOMM = 2
    WZCSVC = 2
    WudfSvc = 3
    wuauserv = 2
    wscsvc = 2
    WMPNetworkSvc = 3
    WmiApSrv = 3
    Wmi = 3
    WmdmPmSN = 3
    Wintab32 = 2
    winmgmt = 2
    WebClient = 2
    W32Time = 2
    VSSERV = 2
    VSS = 3
    UPS = 3
    upnphost = 3
    TrkWks = 2
    TlntSvr = 3
    Themes = 2
    TermService = 3
    TapiSrv = 3
    SysmonLog = 3
    SwPrv = 3
    stisvc = 2
    SSDPSRV = 3
    srservice = 2
    Spooler = 2
    ShellHWDetection = 2
    SharedAccess = 2
    SENS = 2
    seclogon = 2
    Schedule = 2
    SCardSvr = 3
    SamSs = 2
    RSVP = 3
    RemoteRegistry = 2
    RDSessMgr = 3
    RasMan = 3
    RasAuto = 3
    ProtectedStorage = 2
    PolicyAgent = 2
    PlugPlay = 2
    NtmsSvc = 3
    NtLmSsp = 3
    Nla = 3
    Netman = 3
    Netlogon = 3
    MSIServer = 3
    MSDTC = 3
    mnmsrvc = 3
    MDM = 2
    LmHosts = 2
    LIVESRV = 2
    lanmanworkstation = 2
    lanmanserver = 2
    iPodService = 3
    InCDsrv = 2
    ImapiService = 3
    IDriverT = 3
    HTTPFilter = 3
    helpsvc = 2
    gusvc = 3
    FastUserSwitchingCompatibility = 3
    EventSystem = 3
    Eventlog = 2
    ERSvc = 2
    Dnscache = 2
    dmserver = 2
    dmadmin = 3
    Dhcp = 2
    CryptSvc = 2
    COMSysApp = 3
    clr_optimization_v2.0.50727_32 = 3
    Browser = 2
    Brother XP spl Service = 2
    BITS = 2
    bdss = 2
    Automatic LiveUpdate Scheduler = 2
    AudioSrv = 2
    aspnet_state = 3
    AppMgmt = 3
    ALG = 3

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk]
    path = C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk (File not found)
    backup = C:\WINDOWS\pss\Acrobat Assistant.lnk (File not found)
    location = Common Startup
    command = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe (Adobe Systems Inc.)
    item = Acrobat Assistant

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
    path = C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk (File not found)
    backup = C:\WINDOWS\pss\Adobe Gamma Loader.lnk (File not found)
    location = Common Startup
    command = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
    item = Adobe Gamma Loader

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ELSBLaunch.lnk]
    path = C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ELSBLaunch.lnk (File not found)
    backup = C:\WINDOWS\pss\ELSBLaunch.lnk (File not found)
    location = Common Startup
    command = C:\Program Files\EarthLink\spamBlocker\ELSBLaunch.exe ()
    item = ELSBLaunch

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
    path = C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk (File not found)
    backup = C:\WINDOWS\pss\Logitech Desktop Messenger.lnk (File not found)
    location = Common Startup
    command = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
    item = Logitech Desktop Messenger

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
    path = C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk (File not found)
    backup = C:\WINDOWS\pss\Microsoft Office.lnk (File not found)
    location = Common Startup
    command = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
    item = Microsoft Office

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PGPtray.lnk]
    path = C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PGPtray.lnk (File not found)
    backup = C:\WINDOWS\pss\PGPtray.lnk (File not found)
    location = Common Startup
    command = C:\Program Files\Network Associates\PGPNT\PGPTray.exe (Network Associates Technology, Inc.)
    item = PGPtray

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ScanPanel.lnk]
    path = C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ScanPanel.lnk (File not found)
    backup = C:\WINDOWS\pss\ScanPanel.lnk (File not found)
    location = Common Startup
    command = C:\ScanPanel\ScnPanel.exe ()
    item = ScanPanel

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BDAgent]
    key = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item = bdagent
    hkey = HKLM
    command = C:\Program Files\Softwin\BitDefender10\bdagent.exe (SOFTWIN S.R.L.)
    inimapping = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BDMCon]
    key = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item = bdmcon
    hkey = HKLM
    command = C:\Program Files\Softwin\BitDefender10\bdmcon.exe (SOFTWIN S.R.L.)
    inimapping = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ctfmon.exe]
    key = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item = C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
    hkey = HKCU
    command = C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
    inimapping = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\InCD]
    key = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item = InCD
    hkey = HKLM
    command = C:\Program Files\Ahead\InCD\InCD.exe (Nero AG)
    inimapping = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
    key = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item = iTunesHelper
    hkey = HKLM
    command = C:\Program Files\iTunes\iTunesHelper.exe (Apple Computer, Inc.)
    inimapping = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KernelFaultCheck]
    key = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item = dumprep 0 -k
    hkey = HKLM
    command = %systemroot%\system32\dumprep 0 -k
    inimapping = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Logitech Utility]
    key = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item = C:\WINDOWS\Logi_MwX.Exe (Logitech Inc.)
    hkey = HKLM
    command = C:\WINDOWS\Logi_MwX.Exe (Logitech Inc.)
    inimapping = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MsnMsgr]
    key = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item = MsnMsgr
    hkey = HKCU
    command = C:\Program Files\MSN Messenger\msnmsgr.exe (Microsoft Corporation)
    inimapping = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck]
    key = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item = C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
    hkey = HKLM
    command = C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
    inimapping = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SCDEmuApp.exe]
    key = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item = SCDEmuApp
    hkey = HKLM
    command = C:\Program Files\PowerISO\SCDEmuApp.exe (PowerISO Computing, Inc.)
    inimapping = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg]
    key = SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item = GoogleToolbarNotifier
    hkey = HKCU
    command = C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (Google Inc.)
    inimapping = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state]
    system.ini = 1
    win.ini = 1
    bootini = 0
    services = 1
    startup = 1

    >>>>> Disabled Startup Folder Items <<<<<

    >>>>> Items Started Through Miscellaneous Registry Keys <<<<<

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path]
    Debugger = C:\WINDOWS\system32\ntsd.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    CDBurn = {fbeb8a05-beee-4442-804e-409d6c4515e9} ( HKLM = C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) )
    PostBootReminder = {7849596a-48ea-486e-8937-a2a3009f31a9} ( HKLM = C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) )
    SysTray = {35CEC8A3-2BE6-11D2-8773-92E220524153} ( HKLM = C:\WINDOWS\system32\stobject.dll (Microsoft Corporation) )
    WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} ( HKLM = C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) )
    WPDShServiceObj = {AAA288BA-9A4C-45B0-95D7-94D524869DB5} ( HKLM = C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation) )

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    {AEB6717E-7E19-11d0-97EE-00C04FD91972} = ( HKLM = C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) )

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    {438755C2-A8BA-11D1-B96B-00A0C90312E1} = Browseui preloader ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {8C7461EF-2B13-11d2-BE35-3078302C2030} = Component Categories cache daemon ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )

    >>>>> Security Providers <<<<<

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders]
    C:\WINDOWS\system32\msapsspc.dll (Microsoft Corporation)
    C:\WINDOWS\system32\schannel.dll (Microsoft Corporation)
    C:\WINDOWS\system32\digest.dll (Microsoft Corporation)
    C:\WINDOWS\system32\msnsspc.dll (Microsoft Corporation)

    >>>>> Winlogon Keys <<<<<

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell]
    C:\WINDOWS\explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit]
    C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet]
    C:\WINDOWS\system32\rundll32.exe (Microsoft Corporation)
    C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
    Control_RunDLL (File not found)
    C:\WINDOWS\system32\sysdm.cpl (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    DllName = C:\WINDOWS\system32\crypt32.dll (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    DllName = C:\WINDOWS\system32\cryptnet.dll (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    DllName = C:\WINDOWS\system32\cscdll.dll (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    DllName = C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    DllName = C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    DllName = C:\WINDOWS\system32\sclgntfy.dll (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    DllName = C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    DllName = C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    DllName = C:\WINDOWS\system32\WgaLogon.dll (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    DllName = C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)

    >>>>> Policy Keys <<<<<

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]*

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID]
    {17492023-C23A-453E-A040-C7C580BBF700} = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum]
    {BDEADF00-C265-11D0-BCED-00A0C90AB50F} = 1
    {6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} = 1073741857
    {0DF44EAA-FF21-4412-828E-260A8728E7F1} = 32

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
    dontdisplaylastusername = 0
    legalnoticecaption =
    legalnoticetext =
    shutdownwithoutlogon = 1
    undockwithoutlogon = 1

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]*

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
    NoDriveTypeAutoRun = 145

    >>>>> Desktop Components <<<<<

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
    FriendlyName = My Current Home Page
    Source = About:Home
    SubscribedURL = About:Home

    >>>>> HOSTS File <<<<<

    HOSTS file not found!

    >>>>> Internet Explorer Settings <<<<<

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
    Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    Local Page = %SystemRoot%\system32\blank.htm
    Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
    CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
    Default_Search_URL = http://www.google.com/ie
    SearchAssistant = http://www.google.com/ie

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
    Search Bar = http://www.google.com/ie
    Search Page = http://www.google.com
    Start Page = about:blank

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search]
    SearchAssistant = http://www.google.com/ie

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    {CFBFAE00-17A6-11D0-99CB-00C04FD64497} = Microsoft Url Search Hook ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    ProxyEnable = 0
     
  14. Narodnik

    Narodnik Thread Starter

    Joined:
    Feb 10, 2007
    Messages:
    18
    >>>>> Browser Helper Objects <<<<<

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
    - Reg Data - Key not found ( HKLM = Reg Data - Key not found (File not found) )

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    - ( HKLM = C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) )

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    - SSVHelper Class ( HKLM = C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll (Sun Microsystems, Inc.) )

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    - Google Toolbar Helper ( HKLM = c:\program files\Google\googletoolbar3.dll (Google Inc.) )

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA8A9780-280D-11CF-A24D-444553540000}]
    - Adobe Acrobat Control for ActiveX ( HKLM = C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\pdf.ocx (Adobe Systems Incorporated) )

    >>>>> Bars, Toolbars and Extensions <<<<<

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}]
    - &Tip of the Day ( HKLM = C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) )

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478}]
    - Reg Data - Key not found ( HKLM = Reg Data - Key not found (File not found) )

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}]
    - File Search Explorer Band ( HKLM = C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) )

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{EFA24E61-B078-11D0-89E4-00C04FC9E26E}]
    - Favorites Band ( HKLM = C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) )

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{EFA24E64-B078-11D0-89E4-00C04FC9E26E}]
    - Explorer Band ( HKLM = C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) )

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google ( HKLM = c:\program files\Google\googletoolbar3.dll (Google Inc.) )
    {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - MSN Toolbar ( HKLM = C:\Program Files\MSN Toolbar\01.01.2607.0\en-us\msntb.dll (Microsoft Corporation) )

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\ToolBar\ShellBrowser]
    {01E04581-4EEE-11D0-BFE9-00AA005B4383} - &Address ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {2318C2B1-4965-11D4-9B18-009027A5CD4F} - &Google ( HKLM = c:\program files\Google\googletoolbar3.dll (Google Inc.) )
    {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Data - Key not found ( HKLM = Reg Data - Key not found (File not found) )

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\ToolBar\WebBrowser]
    {01E04581-4EEE-11D0-BFE9-00AA005B4383} - &Address ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - Reg Data - Key not found ( HKLM = Reg Data - Key not found (File not found) )
    {0E5CBF21-D15F-11D0-8301-00AA005B4383} - &Links ( HKLM = C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) )
    {2318C2B1-4965-11D4-9B18-009027A5CD4F} - &Google ( HKLM = c:\program files\Google\googletoolbar3.dll (Google Inc.) )
    {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Data - Key not found ( HKLM = Reg Data - Key not found (File not found) )
    {C4069E3A-68F1-403E-B40E-20066696354B} - Reg Data - Key not found ( HKLM = Reg Data - Key not found (File not found) )
    {C7768536-96F8-4001-B1A2-90EE21279187} - Reg Data - Key not found ( HKLM = Reg Data - Key not found (File not found) )
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar ( HKLM = Reg Data - Key not found (File not found) )

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping]
    {08B0E5C0-4FCB-11CF-AAA5-00401C608501} = 8201 - Reg Data - Value does not exist ( HKLM = Reg Data - Key not found (File not found) )
    {9885224C-1217-4c5f-83C2-00002E6CEF2B} = 8197 - Reg Data - Key not found ( HKLM = Reg Data - Key not found (File not found) )
    {A6E07A80-436A-11d3-83B6-00902747E82E} = 8194 - Reg Data - Key not found ( HKLM = Reg Data - Key not found (File not found) )
    {A6E07A82-436A-11d3-83B6-00902747E82E} = 8195 - Reg Data - Key not found ( HKLM = Reg Data - Key not found (File not found) )
    {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} = 8198 - Reg Data - Key not found ( HKLM = Reg Data - Key not found (File not found) )
    {e2e2dd38-d088-4134-82b7-f2ba38496583} = 8202 - Reg Data - Key not found ( HKLM = Reg Data - Key not found (File not found) )
    {ECC5777A-6E88-BFCE-13CE-81F134789E7B} = 8199 - Reg Data - Key not found ( HKLM = Reg Data - Key not found (File not found) )
    {F05B7DAE-337E-11D3-83B6-00E0980647AC} = 8196 - Reg Data - Key not found ( HKLM = Reg Data - Key not found (File not found) )
    {FB5F1910-F110-11d2-BB9E-00C04F795683} = 8193 - Reg Data - Key not found ( HKLM = Reg Data - Key not found (File not found) )
    NextId = 8203

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}]
    MenuText = Sun Java Console
    ClsidExtension = {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC} - Java Plug-in 1.5.0_11 ( HKLM C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll (Sun Microsystems, Inc.) )

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583}]
    MenuText = @xpsp3res.dll,-20001
    Exec = C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}]
    ButtonText = Messenger
    MenuText = Windows Messenger
    Exec = C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download All by FlashGet]
    @ = C:\Program Files\FlashGet\jc_all.htm ()

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download using FlashGet]
    @ = C:\Program Files\FlashGet\jc_link.htm ()

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel]
    @ = Reg Data - Value does not exist (File not found)

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Shorten URL]
    @ = http:\www.cjb.net\menuext.htm (File not found)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension\.spop]
    Location = C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)

    >>>>> Approved Shell Extensions <<<<<

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
    {00022613-0000-0000-C000-000000000046} = Multimedia File Property Sheet ( HKLM = C:\WINDOWS\system32\mmsys.cpl (Microsoft Corporation) )
    {0006F045-0000-0000-C000-000000000046} = Outlook File Icon Extension ( HKLM = C:\Program Files\Microsoft Office\Office\OLKFSTUB.DLL (Microsoft Corporation) )
    {00BB2763-6A77-11D0-A535-00C04FD7D062} = Microsoft AutoComplete ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {00BB2764-6A77-11D0-A535-00C04FD7D062} = Microsoft History AutoComplete List ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {00BB2765-6A77-11D0-A535-00C04FD7D062} = Microsoft Multiple AutoComplete List Container ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {01E04581-4EEE-11d0-BFE9-00AA005B4383} = &Address ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {03C036F1-A186-11D0-824A-00AA005B4383} = Microsoft Shell Folder AutoComplete List ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {07798131-AF23-11d1-9111-00A0C98BA67D} = Web Search ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {07C45BB1-4A8C-4642-A1F5-237E7215FF66} = IE Microsoft BrowserBand ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {08165EA0-E946-11CF-9C87-00AA005127ED} = WebCheckWebCrawler ( HKLM = C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) )
    {0A89A860-D7B1-11CE-8350-444553540000} = Shell Automation Inproc Service ( HKLM = C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) )
    {0B124F8F-91F0-11D1-B8B5-006008059382} = Installed Apps Enumerator ( HKLM = C:\WINDOWS\system32\appwiz.cpl (Microsoft Corporation) )
    {0CD7A5C0-9F37-11CE-AE65-08002B2E1262} = Cabinet File ( HKLM = C:\WINDOWS\system32\cabview.dll (Microsoft Corporation) )
    {0D45D530-764B-11d0-A1CA-00AA00C16E65} = Directory Property UI ( HKLM = C:\WINDOWS\system32\dsuiext.dll (Microsoft Corporation) )
    {0DF44EAA-FF21-4412-828E-260A8728E7F1} = Taskbar and Start Menu ( HKLM = Reg Data - Key not found (File not found) )
    {0EEA25CC-4362-4A12-850B-86EE61B0D3EB} = Microsoft DocProp Inplace Droplist Combo Control ( HKLM = C:\WINDOWS\system32\docprop2.dll (Microsoft Corporation) )
    {10CFC467-4392-11d2-8DB4-00C04FA31A66} = Offline Files Folder Options ( HKLM = C:\WINDOWS\system32\cscui.dll (Microsoft Corporation) )
    {11C1D741-A95B-11d2-8A80-0080ADB32FF4} = FTP Surfer Shell Extension ( CLSID not found! )
    {11C1D741-A95B-11d2-8A80-0080ADB32FF4} = FTP Surfer ( HKCU = C:\Program Files\FTP-Whisper Technology\FTP Surfer\wtftpshx.dll (Whisper Technology Limited) )
    {131A6951-7F78-11D0-A979-00C04FD705A2} = ISFBand OC ( HKLM = C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) )
    {143A62C8-C33B-11D1-84FE-00C04FA34A14} = Microsoft Agent Character Property Sheet Handler ( HKLM = C:\WINDOWS\msagent\agentpsh.dll (Microsoft Corporation) )
    {163FDC20-2ABC-11d0-88F0-00A024AB2DBB} = Directory Object Find ( HKLM = C:\WINDOWS\system32\dsquery.dll (Microsoft Corporation) )
    {169A0691-8DF9-11d1-A1C4-00C04FD75D13} = In-pane search ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {176d6597-26d3-11d1-b350-080036a75b03} = ICM Scanner Management ( HKLM = C:\WINDOWS\system32\icmui.dll (Microsoft Corporation) )
    {1C1EDB47-CE22-4bbb-B608-77B48F83C823} = IE Fade Task ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {1D2680C9-0E2A-469d-B787-065558BC7D43} = Fusion Cache ( HKLM = C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) )
    {1F2E5C40-9550-11CE-99D2-00AA006E086C} = Security Shell Extension ( HKLM = C:\WINDOWS\system32\rshx32.dll (Microsoft Corporation) )
    {202863C7-D154-4D54-B9BD-077353FA9A08} = FastACExt Class ( HKLM = C:\Program Files\LitexMedia\Fast Audio Converter\FastACShellExt.dll () )
    {205D7A97-F16D-4691-86EF-F3075DCCA57D} = IE Menu Desk Bar ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {21569614-B795-46b1-85F4-E737A8DC09AD} = Shell Search Band ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {2206CDB2-19C1-11D1-89E0-00C04FD7A829} = Microsoft OLE DB Service Component Data Links ( HKLM = C:\Program Files\Common Files\System\Ole DB\oledb32.dll (Microsoft Corporation) )
    {22BF0C20-6DA7-11D0-B373-00A0C9034938} = Download Status ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {2559a1f0-21d7-11d4-bdaf-00c04f60b9f0} = Search ( HKLM = C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) )
    {2559a1f1-21d7-11d4-bdaf-00c04f60b9f0} = Help and Support ( HKLM = C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) )
    {2559a1f2-21d7-11d4-bdaf-00c04f60b9f0} = Windows Security ( HKLM = C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) )
    {2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} = Run... ( HKLM = C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) )
    {2559a1f4-21d7-11d4-bdaf-00c04f60b9f0} = Internet ( HKLM = C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) )
    {2559a1f5-21d7-11d4-bdaf-00c04f60b9f0} = E-mail ( HKLM = C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) )
    {2559a1f7-21d7-11d4-bdaf-00c04f60b9f0} = Set Program Access and Defaults ( HKLM = C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) )
    {28F8A4AC-BBB3-4D9B-B177-82BFC914FA33} = Microsoft DocProp Inplace Time Control ( HKLM = C:\WINDOWS\system32\docprop2.dll (Microsoft Corporation) )
    {2C49B5D0-ACE7-4D17-9DF0-A254A6C5A0C5} = dMCIShell Class ( HKLM = C:\Program Files\Illustrate\dBpowerAMP\dMCShell.dll () )
    {3028902F-6374-48b2-8DC6-9725E775B926} = IE AutoComplete ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {30D02401-6A81-11d0-8274-00C04FD5AE38} = IE Search Band ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {32683183-48a0-441b-a342-7c2a440a9478} = Media Band ( CLSID not found! )
    {32714800-2E5F-11d0-8B85-00AA0044F941} = For &People... ( HKLM = C:\Program Files\Outlook Express\wabfind.dll (Microsoft Corporation) )
    {352EC2B7-8B9A-11D1-B8AE-006008059382} = Shell Application Manager ( HKLM = C:\WINDOWS\system32\appwiz.cpl (Microsoft Corporation) )
    {35786D3C-B075-49b9-88DD-029876E11C01} = Portable Devices ( HKLM = C:\WINDOWS\system32\WpdShext.dll (Microsoft Corporation) )
    {3C374A40-BAE4-11CF-BF7D-00AA006946EE} = Microsoft Url History Service ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {3CCF8A41-5C85-11d0-9796-00AA00B90ADF} = Shell DeskBarApp ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {3DC7A020-0ACD-11CF-A9BB-00AA004AE837} = The Internet ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {3EA48300-8CF6-101B-84FB-666CCB9BCD32} = OLE Docfile Property Page ( HKLM = C:\WINDOWS\system32\docprop.dll (Microsoft Corporation) )
    {3F30C968-480A-4C6C-862D-EFC0897BB84B} = GDI+ file thumbnail extractor ( HKLM = C:\WINDOWS\system32\shimgvw.dll (Microsoft Corporation) )
    {3F953603-1008-4f6e-A73A-04AAC7A992F1} = Scanners & Cameras ( HKLM = C:\WINDOWS\system32\wiashext.dll (Microsoft Corporation) )
    {40C3D757-D6E4-4b49-BB41-0E5BBEA28817} = Video Media Properties Handler ( HKLM = C:\WINDOWS\system32\shmedia.dll (Microsoft Corporation) )
    {40dd6e20-7c17-11ce-a804-00aa003ca9f6} = Shell extensions for sharing ( HKLM = C:\WINDOWS\system32\ntshrui.dll (Microsoft Corporation) )
    {41E300E0-78B6-11ce-849B-444553540000} = PlusPack CPL Extension ( HKLM = C:\WINDOWS\system32\themeui.dll (Microsoft Corporation) )
    {42071712-76d4-11d1-8b24-00a0c9068ff3} = Display Adapter CPL Extension ( HKLM = C:\WINDOWS\system32\deskadp.dll (Microsoft Corporation) )
    {42071713-76d4-11d1-8b24-00a0c9068ff3} = Display Monitor CPL Extension ( HKLM = C:\WINDOWS\system32\deskmon.dll (Microsoft Corporation) )
    {42071714-76d4-11d1-8b24-00a0c9068ff3} = Display Panning CPL Extension ( HKLM = Reg Data - Key not found (File not found) )
    {43886CD5-6529-41c4-A707-7B3C92C05E68} = IE Navigation Bar ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {44C76ECD-F7FA-411c-9929-1B77BA77F524} = IE Menu Site ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {4a7ded0a-ad25-11d0-98a8-0800361b1103} = MyDocs menu and properties ( HKLM = C:\WINDOWS\system32\mydocs.dll (Microsoft Corporation) )
    {4B78D326-D922-44f9-AF2A-07805C2A3560} = IE Menu Band ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {4E40F770-369C-11d0-8922-00A024AB2DBB} = Security Shell Extension ( HKLM = C:\WINDOWS\system32\dssec.dll (Microsoft Corporation) )
    {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} = Compatibility Page ( HKLM = C:\WINDOWS\system32\slayerxp.dll (Microsoft Corporation) )
    {56117100-C0CD-101B-81E2-00AA004AE837} = Shell Scrap DataHandler ( HKLM = C:\WINDOWS\system32\shscrap.dll (Microsoft Corporation) )
    {58f1f272-9240-4f51-b6d4-fd63d1618591} = Get a Passport Wizard ( HKLM = C:\WINDOWS\system32\netplwiz.dll (Microsoft Corporation) )
    {59099400-57FF-11CE-BD94-0020AF85B590} = Disk Copy Extension ( HKLM = C:\WINDOWS\system32\diskcopy.dll (Microsoft Corporation) )
    {596AB062-B4D2-4215-9F74-E9109B0A8153} = Previous Versions Property Page ( HKLM = C:\WINDOWS\system32\twext.dll (Microsoft Corporation) )
    {59850401-6664-101B-B21C-00AA004BA90B} = Microsoft Office Binder Unbind ( HKLM = C:\Program Files\Microsoft Office\Office\1033\UNBIND.DLL (Microsoft Corporation) )
    {59be4990-f85c-11ce-aff7-00aa003ca9f6} = Shell extensions for Microsoft Windows Network objects ( HKLM = C:\WINDOWS\system32\ntlanui2.dll (Microsoft Corporation) )
    {5DB2625A-54DF-11D0-B6C4-0800091AA605} = ICM Monitor Management ( HKLM = C:\WINDOWS\system32\icmui.dll (Microsoft Corporation) )
    {5E6AB780-7743-11CF-A12B-00AA004AE837} = Microsoft Internet Toolbar ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {5F327514-6C5E-4d60-8F16-D07FA08A78ED} = Auto Update Property Sheet Extension ( HKLM = C:\WINDOWS\system32\wuaucpl.cpl (Microsoft Corporation) )
    {60254CA5-953B-11CF-8C96-00AA00B8708C} = Shell Extension For Windows Script Host ( HKLM = C:\WINDOWS\system32\wshext.dll (Microsoft Corporation) )
    {6038EF75-ABFC-4e59-AB6F-12D397F6568D} = IE Microsoft History AutoComplete List ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {60fd46de-f830-4894-a628-6fa81bc0190d} = DropTarget Object for Photo Printing Wizard ( HKLM = C:\WINDOWS\system32\photowiz.dll (Microsoft Corporation) )
    {62AE1F9A-126A-11D0-A14B-0800361B1103} = Directory Context Menu Verbs ( HKLM = C:\WINDOWS\system32\dsuiext.dll (Microsoft Corporation) )
    {63da6ec0-2e98-11cf-8d82-444553540000} = Microsoft FTP Folder ( HKLM = C:\WINDOWS\system32\msieftp.dll (Microsoft Corporation) )
    {640167b4-59b0-47a6-b335-a6b3c0695aea} = Portable Media Devices ( HKLM = C:\WINDOWS\system32\audiodev.dll (Microsoft Corporation) )
    {6413BA2C-B461-11d1-A18A-080036B11A03} = Augmented Shell Folder 2 ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {66e4e4fb-f385-4dd0-8d74-a2efd1bc6178} = Shell Image Data Factory ( HKLM = C:\WINDOWS\system32\shimgvw.dll (Microsoft Corporation) )
    {6756A641-DE71-11d0-831B-00AA005B4383} = MRU AutoComplete List ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {675F097E-4C4D-11D0-B6C1-0800091AA605} = ICM Printer Management ( HKLM = C:\WINDOWS\system32\icmui.dll (Microsoft Corporation) )
    {67EA19A0-CCEF-11d0-8024-00C04FD75D13} = CDF Extension Copy Hook ( HKLM = C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) )
    {692F0339-CBAA-47e6-B5B5-3B84DB604E87} = Extensions Manager Folder ( HKLM = C:\WINDOWS\system32\extmgr.dll (Microsoft Corporation) )
    {6935DB93-21E8-4ccc-BEB9-9FE3C77A297A} = Custom MRU AutoCompleted List ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {6A205B57-2567-4A2C-B881-F787FAB579A3} = Microsoft DocProp Inplace Calendar Control ( HKLM = C:\WINDOWS\system32\docprop2.dll (Microsoft Corporation) )
    {6b33163c-76a5-4b6c-bf21-45de9cd503a1} = Shell Publishing Wizard Object ( HKLM = C:\WINDOWS\system32\netplwiz.dll (Microsoft Corporation) )
    {6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} = IE Tracking Shell Menu ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {6CF48EF8-44CD-45d2-8832-A16EA016311B} = IE IShellFolderBand ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {7007ACC7-3202-11D1-AAD2-00805FC1270E} = Network Connections ( HKLM = C:\WINDOWS\system32\netshell.dll (Microsoft Corporation) )
    {7376D660-C583-11d0-A3A5-00C04FD706EC} = TridentImageExtractor ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {73CFD649-CD48-4fd8-A272-2070EA56526B} = IE BandProxy ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
     
  15. Narodnik

    Narodnik Thread Starter

    Joined:
    Feb 10, 2007
    Messages:
    18
    {7444C717-39BF-11D1-8CD9-00C04FC29D45} = CryptPKO Class ( HKLM = C:\WINDOWS\system32\cryptext.dll (Microsoft Corporation) )
    {7444C719-39BF-11D1-8CD9-00C04FC29D45} = CryptSig Class ( HKLM = C:\WINDOWS\system32\cryptext.dll (Microsoft Corporation) )
    {750fdf0e-2a26-11d1-a3ea-080036587f03} = Offline Files Menu ( HKLM = C:\WINDOWS\system32\cscui.dll (Microsoft Corporation) )
    {764BF0E1-F219-11ce-972D-00AA00A14F56} = Shell extensions for file compression ( CLSID not found! )
    {77597368-7b15-11d0-a0c2-080036af3f03} = Web Printer Shell Extension ( HKLM = C:\WINDOWS\system32\printui.dll (Microsoft Corporation) )
    {797F1E90-9EDD-11cf-8D8E-00AA0060F5BF} = Scheduling UI property sheet handler ( HKLM = C:\WINDOWS\system32\mstask.dll (Microsoft Corporation) )
    {7988B573-EC89-11cf-9C00-00AA00A14F56} = Microsoft Disk Quota UI ( HKLM = C:\WINDOWS\system32\dskquoui.dll (Microsoft Corporation) )
    {7A80E4A8-8005-11D2-BCF8-00C04F72C717} = ExtractIcon Class ( HKLM = C:\WINDOWS\system32\mmcshext.dll (Microsoft Corporation) )
    {7A9D77BD-5403-11d2-8785-2E0420524153} = User Accounts ( HKLM = Reg Data - Key not found (File not found) )
    {7BA4C742-9E81-11CF-99D3-00AA004AE837} = Microsoft BrowserBand ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {7BD29E00-76C1-11CF-9DD0-00A0C9034933} = Temporary Internet Files ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {7BD29E01-76C1-11CF-9DD0-00A0C9034933} = Temporary Internet Files ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {7D559C10-9FE9-11d0-93F7-00AA0059CE02} = Code Download Agent ( HKLM = C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) )
    {7e653215-fa25-46bd-a339-34a2790f3cb7} = Accessible ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB} = WebCheck SyncMgr Handler ( HKLM = C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) )
    {83bbcbf3-b28a-4919-a5aa-73027445d672} = Scanners & Cameras ( HKLM = C:\WINDOWS\system32\wiashext.dll (Microsoft Corporation) )
    {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} = Encryption Context Menu ( CLSID not found! )
    {85BBD920-42A0-1069-A2E4-08002B30309D} = Briefcase ( HKLM = C:\WINDOWS\system32\syncui.dll (Microsoft Corporation) )
    {871C5380-42A0-1069-A2EA-08002B30309D} = Internet Name Space ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {875CB1A1-0F29-45de-A1AE-CFB4950D0B78} = Audio Media Properties Handler ( HKLM = C:\WINDOWS\system32\shmedia.dll (Microsoft Corporation) )
    {87D62D94-71B3-4b9a-9489-5FE6850DC73E} = Avi Properties Handler ( HKLM = C:\WINDOWS\system32\shmedia.dll (Microsoft Corporation) )
    {883373C3-BF89-11D1-BE35-080036B11A03} = Microsoft DocProp Shell Ext ( HKLM = C:\WINDOWS\system32\docprop2.dll (Microsoft Corporation) )
    {88895560-9AA2-1069-930E-00AA0030EBC8} = HyperTerminal Icon Ext ( HKLM = C:\WINDOWS\system32\hticons.dll (Hilgraeve, Inc.) )
    {888DCA60-FC0A-11CF-8F0F-00C04FD7D062} = Compressed (zipped) Folder SendTo Target ( HKLM = C:\WINDOWS\system32\zipfldr.dll (Microsoft Corporation) )
    {88C6C381-2E85-11D0-94DE-444553540000} = ActiveX Cache Folder ( HKLM = C:\WINDOWS\system32\occache.dll (Microsoft Corporation) )
    {8A23E65E-31C2-11d0-891C-00A024AB2DBB} = Directory Query UI ( HKLM = C:\WINDOWS\system32\dsquery.dll (Microsoft Corporation) )
    {8DD448E6-C188-4aed-AF92-44956194EB1F} = WMP Burn Audio CD Launcher ( HKLM = C:\WINDOWS\system32\wmpshell.dll (Microsoft Corporation) )
    {8EE97210-FD1F-4B19-91DA-67914005F020} = Microsoft DocProp Inplace ML Edit Box Control ( HKLM = C:\WINDOWS\system32\docprop2.dll (Microsoft Corporation) )
    {905667aa-acd6-11d2-8080-00805f6596d2} = Scanners & Cameras ( HKLM = C:\WINDOWS\system32\wiashext.dll (Microsoft Corporation) )
    {91EA3F8B-C99B-11d0-9815-00C04FD91972} = Augmented Shell Folder ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {9461b922-3c5a-11d2-bf8b-00c04fb93661} = Search Assistant OC ( HKLM = C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) )
    {950FF917-7A57-46BC-8017-59D9BF474000} = Shell Extension for CDRW ( HKLM = C:\Program Files\Ahead\InCD\incdshx.dll (Nero AG) )
    {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} = PowerISO ( HKLM = C:\Program Files\PowerISO\PowerISOShell.dll (PowerISO Computing, Inc.) )
    {969223c0-26aa-11d0-90ee-444553540000} = PGP Shell Extension ( HKLM = C:\WINDOWS\system32\PGPmn.dll (Network Associates Technology, Inc.) )
    {98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} = IE MRU AutoComplete List ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {992CFFA0-F557-101A-88EC-00DD010CCC48} = Network Connections ( HKLM = C:\WINDOWS\system32\netshell.dll (Microsoft Corporation) )
    {9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} = IE RSS Feeds Folder ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {9D958C62-3954-4b44-8FAB-C4670C1DB4C2} = IE Microsoft Shell Folder AutoComplete List ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {9DB7A13C-F208-4981-8353-73CC61AE2783} = Previous Versions ( HKLM = C:\WINDOWS\system32\twext.dll (Microsoft Corporation) )
    {9DBD2C50-62AD-11d0-B806-00C04FD706EC} = Summary Info Thumbnail handler (DOCFILES) ( HKLM = C:\WINDOWS\system32\shimgvw.dll (Microsoft Corporation) )
    {9E51E0D0-6E0F-11d2-9601-00C04FA31A86} = Shell properties for a DS object ( HKLM = C:\WINDOWS\system32\dsquery.dll (Microsoft Corporation) )
    {9E56BE60-C50F-11CF-9A2C-00A0C90A90CE} = Sendmail service ( HKLM = C:\WINDOWS\system32\sendmail.dll (Microsoft Corporation) )
    {9E56BE61-C50F-11CF-9A2C-00A0C90A90CE} = Sendmail service ( HKLM = C:\WINDOWS\system32\sendmail.dll (Microsoft Corporation) )
    {A08C11D2-A228-11d0-825B-00AA005B4383} = Address EditBox ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {A2B0DD40-CC59-11d0-A3A5-00C04FD706EC} = IE4 Suite Splash Screen ( HKLM = C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) )
    {A5E46E3A-8849-11D1-9D8C-00C04FC99D61} = Microsoft Browser Architecture ( HKLM = C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) )
    {A6FD9E45-6E44-43f9-8644-08598F5A74D9} = Midi Properties Handler ( HKLM = C:\WINDOWS\system32\shmedia.dll (Microsoft Corporation) )
    {A9CF0EAE-901A-4739-A481-E35B73E47F6D} = Microsoft DocProp Inplace Edit Box Control ( HKLM = C:\WINDOWS\system32\docprop2.dll (Microsoft Corporation) )
    {ABBE31D0-6DAE-11D0-BECA-00C04FD940BE} = Subscription Mgr ( HKLM = C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) )
    {acf35015-526e-4230-9596-becbe19f0ac9} = Track Popup Bar ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {add36aa8-751a-4579-a266-d66f5202ccbb} = Print Ordering via the Web ( HKLM = C:\WINDOWS\system32\netplwiz.dll (Microsoft Corporation) )
    {AF4F6510-F982-11d0-8595-00AA004CD6D8} = Registry Tree Options Utility ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E} = Offline Files Folder ( HKLM = C:\WINDOWS\system32\cscui.dll (Microsoft Corporation) )
    {B31C5FAE-961F-415b-BAF0-E697A5178B94} = IE Microsoft Multiple AutoComplete List Container ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {B41DB860-8EE4-11D2-9906-E49FADC173CA} = WinRAR ( HKLM = C:\Program Files\WinRAR\RarExt.dll () )
    {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} = iTunes ( HKLM = C:\Program Files\iTunes\iTunesMiniPlayer.dll (Apple Computer, Inc.) )
    {BC476F4C-D9D7-4100-8D4E-E043F6DEC409} = Microsoft Browser Architecture ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {BD472F60-27FA-11cf-B8B4-444553540000} = Compressed (zipped) Folder Right Drag Handler ( HKLM = C:\WINDOWS\system32\zipfldr.dll (Microsoft Corporation) )
    {BD84B380-8CA2-1069-AB1D-08000948F534} = Fonts ( HKLM = C:\WINDOWS\system32\fontext.dll (Microsoft Corporation) )
    {BDEADF00-C265-11D0-BCED-00A0C90AB50F} = Web Folders ( HKLM = C:\Program Files\Common Files\Microsoft Shared\Web Folders\MSONSEXT.DLL (Microsoft Corporation) )
    {BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} = IE Shell Rebar BandSite ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {c5a40261-cd64-4ccf-84cb-c394da41d590} = Video Thumbnail Extractor ( HKLM = C:\WINDOWS\system32\shmedia.dll (Microsoft Corporation) )
    {CC6EEFFB-43F6-46c5-9619-51D571967F7D} = Web Publishing Wizard ( HKLM = C:\WINDOWS\system32\netplwiz.dll (Microsoft Corporation) )
    {CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C} = WMP Play As Playlist Launcher ( HKLM = C:\WINDOWS\system32\wmpshell.dll (Microsoft Corporation) )
    {CFBFAE00-17A6-11D0-99CB-00C04FD64497} = Microsoft Url Search Hook ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {CFCCC7A0-A282-11D1-9082-006008059382} = Darwin App Publisher ( HKLM = C:\WINDOWS\system32\appwiz.cpl (Microsoft Corporation) )
    {D20EA4E1-3957-11d2-A40B-0C5020524152} = Fonts ( HKLM = C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) )
    {D20EA4E1-3957-11d2-A40B-0C5020524153} = Administrative Tools ( HKLM = C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) )
    {D6277990-4C6A-11CF-8D87-00AA0060F5BF} = Scheduled Tasks ( HKLM = C:\WINDOWS\system32\mstask.dll (Microsoft Corporation) )
    {D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} = Portable Devices Menu ( HKLM = C:\WINDOWS\system32\WpdShext.dll (Microsoft Corporation) )
    {D8BD2030-6FC9-11D0-864F-00AA006809D9} = PostAgent ( HKLM = C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) )
    {DBCE2480-C732-101B-BE72-BA78E9AD5B27} = ICC Profile ( HKLM = C:\WINDOWS\system32\icmui.dll (Microsoft Corporation) )
    {DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF} = Scheduling UI icon handler ( HKLM = C:\WINDOWS\system32\mstask.dll (Microsoft Corporation) )
    {DD313E04-FEFF-11d1-8ECD-0000F87A470C} = User Assist ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {E0E11A09-5CB8-4B6C-8332-E00720A168F2} = Address Bar Parser ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {E211B736-43FD-11D1-9EFB-0000F8757FCD} = Scanners & Cameras ( HKLM = C:\WINDOWS\system32\wiashext.dll (Microsoft Corporation) )
    {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} = Shell Icon Handler for Application References ( HKLM = C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation) )
    {E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB} = WebCheckChannelAgent ( HKLM = C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) )
    {E4B29F9D-D390-480b-92FD-7DDB47101D71} = Wav Properties Handler ( HKLM = C:\WINDOWS\system32\shmedia.dll (Microsoft Corporation) )
    {E6CC6978-6B6E-11D0-BECA-00C04FD940BE} = ConnectionAgent ( HKLM = C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) )
    {E6EE9AAC-F76B-4947-8260-A9F136138E11} = IE Shell Band Site Menu ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = WebCheck ( HKLM = C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) )
    {E7E4BC40-E76A-11CE-A9BB-00AA004AE837} = Shell DocObject Viewer ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {e82a2d71-5b2f-43a0-97b8-81be15854de8} = ShellLink for Application References ( HKLM = C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation) )
    {e84fda7c-1d6a-45f6-b725-cb260c236066} = Shell Image Verbs ( HKLM = C:\WINDOWS\system32\shimgvw.dll (Microsoft Corporation) )
    {E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31} = CompressedFolder ( HKLM = C:\WINDOWS\system32\zipfldr.dll (Microsoft Corporation) )
    {E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7} = TrayAgent ( HKLM = C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) )
    {EAB841A0-9550-11cf-8C16-00805F1408F3} = HTML Thumbnail Extractor ( HKLM = C:\WINDOWS\system32\shimgvw.dll (Microsoft Corporation) )
    {eb9b1153-3b57-4e68-959a-a3266bc3d7fe} = Shell Image Property Handler ( HKLM = C:\WINDOWS\system32\shimgvw.dll (Microsoft Corporation) )
    {ECCDF543-45CC-11CE-B9BF-0080C87CDBA6} = DfsShell Class ( HKLM = C:\WINDOWS\system32\dfsshlex.dll (Microsoft Corporation) )
    {ECD4FC4C-521C-11D0-B792-00A0C90312E1} = Shell DeskBar ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {ECD4FC4D-521C-11D0-B792-00A0C90312E1} = Shell Rebar BandSite ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {ECD4FC4E-521C-11D0-B792-00A0C90312E1} = Shell Band Site Menu ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {ECF03A32-103D-11d2-854D-006008059367} = MyDocs Drop Target ( HKLM = C:\WINDOWS\system32\mydocs.dll (Microsoft Corporation) )
    {ECF03A33-103D-11d2-854D-006008059367} = MyDocs Copy Hook ( HKLM = C:\WINDOWS\system32\mydocs.dll (Microsoft Corporation) )
    {EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} = Global Folder Settings ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {EFA24E61-B078-11d0-89E4-00C04FC9E26E} = Favorites Band ( HKLM = C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) )
    {EFA24E64-B078-11d0-89E4-00C04FC9E26E} = Explorer Band ( HKLM = C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) )
    {F0152790-D56E-4445-850E-4F3117DB740C} = Remote Sessions CPL Extension ( HKLM = C:\WINDOWS\system32\remotepg.dll (Microsoft Corporation) )
    {F020E586-5264-11d1-A532-0000F8757D7E} = Directory Start/Search Find ( HKLM = C:\WINDOWS\system32\dsquery.dll (Microsoft Corporation) )
    {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} = RealOne Player Context Menu Class ( HKLM = C:\Program Files\Real\RealPlayer\rpshell.dll (RealNetworks, Inc.) )
    {F1B9284F-E9DC-4e68-9D7E-42362A59F0FD} = WMP Add To Playlist Launcher ( HKLM = C:\WINDOWS\system32\wmpshell.dll (Microsoft Corporation) )
    {F2CF5485-4E02-4f68-819C-B92DE9277049} = &Links ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {F37C5810-4D3F-11d0-B4BF-00AA00BBB723} = Security Shell Extension ( HKLM = C:\WINDOWS\system32\rshx32.dll (Microsoft Corporation) )
    {F5175861-2688-11d0-9C5E-00AA00A45957} = Subscription Folder ( HKLM = C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation) )
    {F61FFEC1-754F-11d0-80CA-00AA005B4383} = BandProxy ( HKLM = C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) )
    {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = Shell extensions for sharing ( HKLM = C:\WINDOWS\system32\ntshrui.dll (Microsoft Corporation) )
    {F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} = IE Registry Tree Options Utility ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {f92e8c40-3d33-11d2-b1aa-080036a75b03} = Display TroubleShoot CPL Extension ( HKLM = C:\WINDOWS\system32\deskperf.dll (Microsoft Corporation) )
    {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} = IE User Assist ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD} = Scanners & Cameras ( HKLM = C:\WINDOWS\system32\wiashext.dll (Microsoft Corporation) )
    {FBF23B40-E3F0-101B-8488-00AA003E56F8} = Internet Shortcut ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {FDE7673D-2E19-4145-8376-BBD58C4BC7BA} = IE Custom MRU AutoCompleted List ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    {FED7043D-346A-414D-ACD7-550D052499A7} = dBpShell Class ( HKLM = C:\Program Files\Illustrate\dBpowerAMP\dBShell.dll () )
    {FF393560-C2A7-11CF-BFF4-444553540000} = History ( HKLM = C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) )
    InCDShellExt extension = {CAE3251E-9B15-4810-B268-852AD9792A59} ( CLSID not found! )
    InCDUdfPerm extension = {B3D9AEDE-B2C3-406d-A254-6BE07767B08B} ( CLSID not found! )

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
    {BDEADF00-C265-11d0-BCED-00A0C90AB50F} = Web Folders ( HKLM = C:\Program Files\Common Files\Microsoft Shared\Web Folders\MSONSEXT.DLL (Microsoft Corporation) )

    >>>>> Context Menu Handlers / Column Handlers <<<<<

    [HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\{969223c0-26aa-11d0-90ee-444553540000}]
    - PGP Shell Extension ( HKLM = C:\WINDOWS\system32\PGPmn.dll (Network Associates Technology, Inc.) )

    [HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}]
    - Start Menu Pin ( HKLM = C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) )

    [HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\{D653647D-D607-4df6-A5B8-48D2BA195F7B}]
    - BDMenu Class ( HKLM = C:\Program Files\Softwin\BitDefender10\bdshelxt.dll () )

    [HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\FastACShellExt]
    @ = {202863C7-D154-4D54-B9BD-077353FA9A08} ( HKLM = C:\Program Files\LitexMedia\Fast Audio Converter\FastACShellExt.dll () )

    [HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\Ninotech Date Edit]
    @ = {EECEEFEE-3DF7-11D0-9576-0000837A2FDD} ( HKLM = C:\WINDOWS\system32\ShellExt\DateEd32.dll (Ninotech) )

    [HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\Offline Files]
    @ = {750fdf0e-2a26-11d1-a3ea-080036587f03} ( HKLM = C:\WINDOWS\system32\cscui.dll (Microsoft Corporation) )

    [HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\Open With]
    @ = {09799AFB-AD67-11d1-ABCD-00C04FC30936} ( HKLM = C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) )

    [HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\Open With EncryptionMenu]
    @ = {A470F8CF-A1E8-4f65-8335-227475AA5C46} ( HKLM = C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) )

    [HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\PowerISO]
    @ = {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} ( HKLM = C:\Program Files\PowerISO\PowerISOShell.dll (PowerISO Computing, Inc.) )

    [HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\WinRAR]
    @ = {B41DB860-8EE4-11D2-9906-E49FADC173CA} ( HKLM = C:\Program Files\WinRAR\RarExt.dll () )

    [HKEY_LOCAL_MACHINE\Software\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\Send To]
    @ = {7BA4C740-9E81-11CF-99D3-00AA004AE837} ( HKLM = C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) )

    [HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu]
    @ = {A470F8CF-A1E8-4f65-8335-227475AA5C46} ( HKLM = C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) )

    [HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\FastACShellExt]
    @ = {202863C7-D154-4D54-B9BD-077353FA9A08} ( HKLM = C:\Program Files\LitexMedia\Fast Audio Converter\FastACShellExt.dll () )

    [HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\Ninotech Date Edit]
    @ = {EECEEFEE-3DF7-11D0-9576-0000837A2FDD} ( HKLM = C:\WINDOWS\system32\ShellExt\DateEd32.dll (Ninotech) )

    [HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\Offline Files]
    @ = {750fdf0e-2a26-11d1-a3ea-080036587f03} ( HKLM = C:\WINDOWS\system32\cscui.dll (Microsoft Corporation) )

    [HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\PowerISO]
    @ = {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} ( HKLM = C:\Program Files\PowerISO\PowerISOShell.dll (PowerISO Computing, Inc.) )

    [HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\Sharing]
    @ = {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} ( HKLM = C:\WINDOWS\system32\ntshrui.dll (Microsoft Corporation) )

    [HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\WinRAR]
    @ = {B41DB860-8EE4-11D2-9906-E49FADC173CA} ( HKLM = C:\Program Files\WinRAR\RarExt.dll () )

    [HKEY_LOCAL_MACHINE\Software\Classes\Directory\BackGround\shellex\ContextMenuHandlers\InCDMenu]
    @ = {950FF917-7A57-46BC-8017-59D9BF474000} ( HKLM = C:\Program Files\Ahead\InCD\incdshx.dll (Nero AG) )

    [HKEY_LOCAL_MACHINE\Software\Classes\Directory\BackGround\shellex\ContextMenuHandlers\New]
    @ = {D969A300-E7FF-11d0-A93B-00A0C90F2719} ( HKLM = C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) )

    [HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\{969223c0-26aa-11d0-90ee-444553540000}]
    - PGP Shell Extension ( HKLM = C:\WINDOWS\system32\PGPmn.dll (Network Associates Technology, Inc.) )

    [HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\{D653647D-D607-4df6-A5B8-48D2BA195F7B}]
    - BDMenu Class ( HKLM = C:\Program Files\Softwin\BitDefender10\bdshelxt.dll () )

    [HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\PowerISO]
    @ = {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} ( HKLM = C:\Program Files\PowerISO\PowerISOShell.dll (PowerISO Computing, Inc.) )

    [HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\WinRAR]
    @ = {B41DB860-8EE4-11D2-9906-E49FADC173CA} ( HKLM = C:\Program Files\WinRAR\RarExt.dll () )

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}]
    - Reg Data - Value does not exist ( HKLM = C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) )

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}]
    - Reg Data - Value does not exist ( HKLM = C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) )

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}]
    - Reg Data - Value does not exist ( HKLM = C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) )

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}]
    - Reg Data - Value does not exist ( HKLM = C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) )

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{FED7043D-346A-414D-ACD7-550D052499A7}]
    - dBpShell Class ( HKLM = C:\Program Files\Illustrate\dBpowerAMP\dBShell.dll () )

    >>>>> User Agent Post Platform <<<<<

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
    OD ISP Generic = IEAKMicrosoft

    >>>>> TCP/IP Configuration <<<<<

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{FE5171EA-175C-485B-8210-37B6C4BDBBFF}] ( SiS 900 PCI Fast Ethernet Adapter )
    DefaultGateway =
    DhcpDefaultGateway = 76.2.96.1;
    DhcpIPAddress = 76.2.102.82
    DhcpNameServer = 71.3.0.116 209.26.88.31
    DhcpServer = 76.2.96.1
    DhcpSubnetMask = 255.255.248.0
    DisableDynamicUpdate = 0
    Domain =
    EnableDHCP = 1
    IPAddress = 0.0.0.0;
    IPAutoconfigurationAddress = 0.0.0.0
    NameServer =
    SubnetMask = 0.0.0.0;

    >>>>> WinSock2 Parameters <<<<<

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001]
    LibraryPath = C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002]
    LibraryPath = C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003]
    LibraryPath = C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001]
    PackedCatalogItem = C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002]
    PackedCatalogItem = C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003]
    PackedCatalogItem = C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004]
    PackedCatalogItem = C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005]
    PackedCatalogItem = C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006]
    PackedCatalogItem = C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007]
    PackedCatalogItem = C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008]
    PackedCatalogItem = C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009]
    PackedCatalogItem = C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010]
    PackedCatalogItem = C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011]
    PackedCatalogItem = C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012]
    PackedCatalogItem = C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013]
    PackedCatalogItem = C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014]
    PackedCatalogItem = C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - repeatly occur clearing
  1. spoonthumb
    Replies:
    9
    Views:
    755
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/542787

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice