Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Can't open any programs except photoshop not even OTL

Started by neataznyam , Mar 21 2012 10:25 PM

  • Please log in to reply

#121
neataznyam
Posted 21 April 2012 - 07:54 PM

neataznyam

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 150 posts
when I tried to remove adaware in safemode I got a message that said the windows installer service could not be accessed, this can occur if the windows installer is not correctly installed, contact your support personnle for assistance and when I tried the /f thing is said error the system was unable to find the specified registry key or value.
  • 0

Advertisements

#122
neataznyam
Posted 21 April 2012 - 07:59 PM

neataznyam

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 150 posts
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ReportBootOk"="1"
"Shell"="explorer.exe"
"PreCreateKnownFolders"="{A520A1A4-1780-4FF6-BD18-167343C5AF16}"
"Userinit"="C:\\Windows\\system32\\userinit.exe,"
"VMApplet"="SystemPropertiesPerformance.exe /pagefile"
"AutoRestartShell"=dword:00000001
"Background"="0 0 0"
"CachedLogonsCount"="10"
"DebugServerCommand"="no"
"ForceUnlockLogon"=dword:00000000
"LegalNoticeCaption"=""
"LegalNoticeText"=""
"PasswordExpiryWarning"=dword:00000005
"PowerdownAfterShutdown"="0"
"ShutdownWithoutLogon"="0"
"WinStationsDisabled"="0"
"DisableCAD"=dword:00000001
"scremoveoption"="0"
"ShutdownFlags"=dword:00000027
"AutoAdminLogon"="0"
"DefaultUserName"="henry"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}]
@="Wireless Group Policy"
"DisplayName"=hex(2):40,00,77,00,6c,00,67,00,70,00,63,00,6c,00,6e,00,74,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,31,00,30,00,30,00,00,00
"ProcessGroupPolicyEx"="ProcessWLANPolicyEx"
"GenerateGroupPolicy"="GenerateWLANPolicy"
"DllName"=hex(2):77,00,6c,00,67,00,70,00,63,00,6c,00,6e,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"NoUserPolicy"=dword:00000001
"NoGPOListChanges"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{25537BA6-77A8-11D2-9B6C-0000F8080861}]
@="Folder Redirection"
"ProcessGroupPolicyEx"="ProcessGroupPolicyEx"
"DllName"=hex(2):66,00,64,00,65,00,70,00,6c,00,6f,00,79,00,2e,00,64,00,6c,00,\
6c,00,00,00
"NoMachinePolicy"=dword:00000001
"NoSlowLink"=dword:00000001
"PerUserLocalSettings"=dword:00000001
"NoGPOListChanges"=dword:00000000
"NoBackgroundPolicy"=dword:00000000
"GenerateGroupPolicy"="GenerateGroupPolicy"
"EventSources"=hex(7):28,00,46,00,6f,00,6c,00,64,00,65,00,72,00,20,00,52,00,65,\
00,64,00,69,00,72,00,65,00,63,00,74,00,69,00,6f,00,6e,00,2c,00,41,00,70,00,\
70,00,6c,00,69,00,63,00,61,00,74,00,69,00,6f,00,6e,00,29,00,00,00,00,00
"DisplayName"=hex(2):40,00,66,00,64,00,65,00,70,00,6c,00,6f,00,79,00,2e,00,64,\
00,6c,00,6c,00,2c,00,2d,00,32,00,36,00,31,00,00,00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{3610eda5-77ef-11d2-8dc5-00c04fa31a66}]
@="Microsoft Disk Quota"
"DisplayName"=hex(2):40,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,\
00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,\
5c,00,64,00,73,00,6b,00,71,00,75,00,6f,00,74,00,61,00,2e,00,64,00,6c,00,6c,\
00,2c,00,2d,00,31,00,30,00,30,00,00,00
"NoMachinePolicy"=dword:00000000
"NoUserPolicy"=dword:00000001
"NoSlowLink"=dword:00000001
"NoBackgroundPolicy"=dword:00000001
"NoGPOListChanges"=dword:00000001
"PerUserLocalSettings"=dword:00000000
"RequiresSuccessfulRegistry"=dword:00000001
"EnableAsynchronousProcessing"=dword:00000000
"DllName"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,\
00,73,00,6b,00,71,00,75,00,6f,00,74,00,61,00,2e,00,64,00,6c,00,6c,00,00,00
"ProcessGroupPolicy"="ProcessGroupPolicy"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{426031c0-0b47-4852-b0ca-ac3d37bfcb39}]
@="QoS Packet Scheduler"
"DisplayName"=hex(2):40,00,67,00,70,00,74,00,65,00,78,00,74,00,2e,00,64,00,6c,\
00,6c,00,2c,00,2d,00,32,00,30,00,31,00,00,00
"ProcessGroupPolicy"="ProcessPSCHEDPolicy"
"DllName"=hex(2):67,00,70,00,74,00,65,00,78,00,74,00,2e,00,64,00,6c,00,6c,00,\
00,00
"NoUserPolicy"=dword:00000001
"NoGPOListChanges"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{4bcd6cde-777b-48b6-9804-43568e23545d}]
@="Remote Desktop USB Redirection"
"DllName"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,54,\
00,73,00,55,00,73,00,62,00,52,00,65,00,64,00,69,00,72,00,65,00,63,00,74,00,\
69,00,6f,00,6e,00,47,00,72,00,6f,00,75,00,70,00,50,00,6f,00,6c,00,69,00,63,\
00,79,00,45,00,78,00,74,00,65,00,6e,00,73,00,69,00,6f,00,6e,00,2e,00,64,00,\
6c,00,6c,00,00,00
"RequiresSuccessfulRegistry"=dword:00000001
"ProcessGroupPolicyEx"="ProcessGroupPolicyEx"
"NoGPOListChanges"=dword:00000001
"NoUserPolicy"=dword:00000001
"DisplayName"=hex(2):40,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,\
00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,\
5c,00,54,00,73,00,55,00,73,00,62,00,52,00,65,00,64,00,69,00,72,00,65,00,63,\
00,74,00,69,00,6f,00,6e,00,47,00,72,00,6f,00,75,00,70,00,50,00,6f,00,6c,00,\
69,00,63,00,79,00,45,00,78,00,74,00,65,00,6e,00,73,00,69,00,6f,00,6e,00,2e,\
00,64,00,6c,00,6c,00,2c,00,2d,00,31,00,30,00,30,00,00,00
"NoBackgroundPolicy"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}]
@="Internet Explorer Zonemapping"
"ProcessGroupPolicy"="ProcessGroupPolicyForZoneMap"
"DllName"="C:\\Windows\\System32\\iedkcs32.dll"
"RequiresSuccessfulRegistry"=dword:00000001
"NoGPOListChanges"=dword:00000001
"DisplayName"="@C:\\Windows\\System32\\iedkcs32.dll,-3051"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{7933F41E-56F8-41d6-A31C-4148A711EE93}]
@="Windows Search Group Policy Extension"
"ProcessGroupPolicy"="ProcessGroupPolicy"
"DllName"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,72,00,63,00,68,00,61,00,64,00,6d,00,69,00,6e,00,2e,00,64,00,6c,00,6c,00,\
00,00
"RequiresSuccessfulRegistry"=dword:00000001
"NoSlowLink"=dword:00000000
"NoGPOListChanges"=dword:00000001
"NoUserPolicy"=dword:00000000
"NoMachinePolicy"=dword:00000000
"PerUserLocalSettings"=dword:00000000
"EnableAsynchronousProcessing"=dword:00000001
"NoBackgroundPolicy"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{7B849a69-220F-451E-B3FE-2CB811AF94AE}]
@="Internet Explorer User Accelerators"
"ProcessGroupPolicy"="ProcessGroupPolicyForActivities"
"DllName"="C:\\Windows\\System32\\iedkcs32.dll"
"RequiresSuccessfulRegistry"=dword:00000001
"ProcessGroupPolicyEx"="ProcessGroupPolicyForActivitiesEx"
"NoGPOListChanges"=dword:00000001
"DisplayName"="@C:\\Windows\\System32\\iedkcs32.dll,-3051"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{827D319E-6EAC-11D2-A4EA-00C04F79F83A}]
@="Security"
"DisplayName"=hex(2):40,00,28,00,72,00,75,00,6e,00,74,00,69,00,6d,00,65,00,2e,\
00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,29,00,5c,00,73,00,63,00,\
65,00,63,00,6c,00,69,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,37,00,36,00,35,\
00,30,00,00,00
"ProcessGroupPolicy"="SceProcessSecurityPolicyGPO"
"GenerateGroupPolicy"="SceGenerateGroupPolicy"
"ExtensionRsopPlanningDebugLevel"=dword:00000001
"ProcessGroupPolicyEx"="SceProcessSecurityPolicyGPOEx"
"ExtensionDebugLevel"=dword:00000001
"DllName"=hex(2):73,00,63,00,65,00,63,00,6c,00,69,00,2e,00,64,00,6c,00,6c,00,\
00,00
"NoUserPolicy"=dword:00000001
"NoGPOListChanges"=dword:00000001
"EnableAsynchronousProcessing"=dword:00000001
"MaxNoGPOListChangesInterval"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{8A28E2C5-8D06-49A4-A08C-632DAA493E17}]
@="Deployed Printer Connections"
"DisplayName"=hex(2):40,00,25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,\
00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,\
5c,00,67,00,70,00,70,00,72,00,6e,00,65,00,78,00,74,00,2e,00,64,00,6c,00,6c,\
00,2c,00,2d,00,31,00,00,00
"DllName"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,00,6f,00,\
74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,67,\
00,70,00,70,00,72,00,6e,00,65,00,78,00,74,00,2e,00,64,00,6c,00,6c,00,00,00
"EnableAsynchronousProcessing"=dword:00000001
"ExtensionEventSource"=""
"GenerateGroupPolicy"="PrinterGenerateGroupPolicy"
"MaxNoGPOListChangesInterval"=dword:00000000
"NoBackgroundPolicy"=dword:00000000
"NoGPOListChanges"=dword:00000000
"NoMachinePolicy"=dword:00000000
"NoSlowLink"=dword:00000001
"NotifyLinkTransition"=dword:00000000
"NoUserPolicy"=dword:00000000
"PerUserLocalSettings"=dword:00000000
"ProcessGroupPolicy"="PrinterProcessGroupPolicy"
"ProcessGroupPolicyEx"="PrinterProcessGroupPolicyEx"
"RequiresSuccessfulRegistry"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}]
@="Internet Explorer Branding"
"ProcessGroupPolicy"="ProcessGroupPolicy"
"DllName"="C:\\Windows\\System32\\iedkcs32.dll"
"GenerateGroupPolicy"="GenerateGroupPolicy"
"NoSlowLink"=dword:00000001
"ProcessGroupPolicyEx"="ProcessGroupPolicyEx"
"NoGPOListChanges"=dword:00000001
"NoMachinePolicy"=dword:00000001
"DisplayName"="@C:\\Windows\\System32\\iedkcs32.dll,-3014"
"NoBackgroundPolicy"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}]
@="802.3 Group Policy"
"DisplayName"=hex(2):40,00,64,00,6f,00,74,00,33,00,67,00,70,00,63,00,6c,00,6e,\
00,74,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,00,31,00,30,00,30,00,00,00
"ProcessGroupPolicyEx"="ProcessLANPolicyEx"
"GenerateGroupPolicy"="GenerateLANPolicy"
"DllName"=hex(2):64,00,6f,00,74,00,33,00,67,00,70,00,63,00,6c,00,6e,00,74,00,\
2e,00,64,00,6c,00,6c,00,00,00
"NoUserPolicy"=dword:00000001
"NoGPOListChanges"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{cdeafc3d-948d-49dd-ab12-e578ba4af7aa}]
@="TCPIP"
"DisplayName"=hex(2):40,00,67,00,70,00,74,00,65,00,78,00,74,00,2e,00,64,00,6c,\
00,6c,00,2c,00,2d,00,32,00,30,00,34,00,00,00
"ProcessGroupPolicy"="ProcessTCPIPPolicy"
"DllName"=hex(2):67,00,70,00,74,00,65,00,78,00,74,00,2e,00,64,00,6c,00,6c,00,\
00,00
"NoUserPolicy"=dword:00000001
"NoGPOListChanges"=dword:00000001
"RequiresSuccessfulRegistry"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}]
@="Internet Explorer Machine Accelerators"
"ProcessGroupPolicy"="ProcessGroupPolicyForActivities"
"DllName"="C:\\Windows\\System32\\iedkcs32.dll"
"RequiresSuccessfulRegistry"=dword:00000001
"ProcessGroupPolicyEx"="ProcessGroupPolicyForActivitiesEx"
"NoGPOListChanges"=dword:00000001
"DisplayName"="@C:\\Windows\\System32\\iedkcs32.dll,-3051"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{e437bc1c-aa7d-11d2-a382-00c04f991e27}]
@="IP Security"
"ProcessGroupPolicyEx"="ProcessIPSECPolicyEx"
"GenerateGroupPolicy"="GenerateIPSECPolicy"
"DllName"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,70,\
00,6f,00,6c,00,73,00,74,00,6f,00,72,00,65,00,2e,00,64,00,6c,00,6c,00,00,00
"NoUserPolicy"=dword:00000001
"NoGPOListChanges"=dword:00000000
"DisplayName"=hex(2):40,00,43,00,3a,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,\
00,73,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,70,00,\
6f,00,6c,00,73,00,74,00,6f,00,72,00,65,00,2e,00,64,00,6c,00,6c,00,2c,00,2d,\
00,35,00,30,00,31,00,32,00,00,00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{f3ccc681-b74c-4060-9f26-cd84525dca2a}]
@="Audit Policy Configuration"
"ProcessGroupPolicyEx"="ProcessGroupPolicyEx"
"GenerateGroupPolicy"="GenerateGroupPolicy"
"DllName"=hex(2):61,00,75,00,64,00,69,00,74,00,63,00,73,00,65,00,2e,00,64,00,\
6c,00,6c,00,00,00
"NoUserPolicy"=dword:00000001
"EnableAsynchronousProcessing"=dword:00000001
"MaxNoGPOListChangesInterval"=dword:000003c0
"ForceRefreshFG"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{FB2CA36D-0B40-4307-821B-A13B252DE56C}]
@="Enterprise QoS"
"DisplayName"=hex(2):40,00,67,00,70,00,74,00,65,00,78,00,74,00,2e,00,64,00,6c,\
00,6c,00,2c,00,2d,00,32,00,30,00,33,00,00,00
"ProcessGroupPolicy"="ProcessEQoSPolicy"
"DllName"=hex(2):67,00,70,00,74,00,65,00,78,00,74,00,2e,00,64,00,6c,00,6c,00,\
00,00
"RequiresSuccessfulRegistry"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{fbf687e6-f063-4d9f-9f4f-fd9a26acdd5f}]
@="CP"
"DisplayName"=hex(2):40,00,67,00,70,00,74,00,65,00,78,00,74,00,2e,00,64,00,6c,\
00,6c,00,2c,00,2d,00,32,00,30,00,35,00,00,00
"ProcessGroupPolicy"="ProcessConnectivityPlatformPolicy"
"DllName"=hex(2):67,00,70,00,74,00,65,00,78,00,74,00,2e,00,64,00,6c,00,6c,00,\
00,00
"NoUserPolicy"=dword:00000001
"NoGPOListChanges"=dword:00000001
"RequiresSuccessfulRegistry"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AutoLogonChecked]
  • 0

#123
neataznyam
Posted 21 April 2012 - 07:59 PM

neataznyam

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 150 posts
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000000
"ConsentPromptBehaviorUser"=dword:00000003
"EnableInstallerDetection"=dword:00000001
"EnableLUA"=dword:00000000
"EnableSecureUIAPaths"=dword:00000001
"EnableUIADesktopToggle"=dword:00000000
"EnableVirtualization"=dword:00000001
"PromptOnSecureDesktop"=dword:00000000
"ValidateAdminCodeSignatures"=dword:00000000
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"scforceoption"=dword:00000000
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"FilterAdministratorToken"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\UIPI]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\UIPI\Clipboard]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\UIPI\Clipboard\ExceptionFormats]
"CF_TEXT"=dword:00000001
"CF_BITMAP"=dword:00000002
"CF_OEMTEXT"=dword:00000007
"CF_DIB"=dword:00000008
"CF_PALETTE"=dword:00000009
"CF_UNICODETEXT"=dword:0000000d
"CF_DIBV5"=dword:00000011
  • 0

#124
neataznyam
Posted 21 April 2012 - 08:01 PM

neataznyam

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 150 posts
with the last reg export it said the system cannot find the path specified
  • 0

#125
neataznyam
Posted 21 April 2012 - 09:46 PM

neataznyam

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 150 posts
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus Photo 1400 Series"="C:\\Windows\\system32\\spool\\DRIVERS\\x64\\3\\E_FATIBUA.EXE /FU \"C:\\Windows\\TEMP\\E_S6141.tmp\" /EF \"HKCU\""
"AdobeBridge"=""
"DAEMON Tools Lite"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun"
"msnmsgr"="\"C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\" /background"
"Skype"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"
"Akamai NetSession Interface"="\"C:\\Users\\henry\\AppData\\Local\\Akamai\\netsession_win.exe\""
"HydraVisionDesktopManager"="\"C:\\Program Files (x86)\\ATI Technologies\\HydraVision\\HydraDM.exe\""
"HydraVisionMDEngine"="\"C:\\Program Files (x86)\\ATI Technologies\\HydraVision\\HydraMD.exe\""
"Steam"="\"C:\\Program Files (x86)\\Steam\\Steam.exe\" -silent"
"Messenger (Yahoo!)"="\"C:\\PROGRA~2\\Yahoo!\\Messenger\\YahooMessenger.exe\" -quiet"
"Aim"="\"C:\\Program Files (x86)\\AIM\\aim.exe\" /d locale=en-US"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
@=""
  • 0

#126
RKinner
Posted 21 April 2012 - 10:22 PM

RKinner

    Malware Expert

  • Expert
  • 24,485 posts
  • MVP
It looks like we actually managed to remove the entries even tho it kept asking you if it was OK. The last export probably didn't have any entries so that's OK.

The uninstall may require it to be in regular mode.


Can you reboot and see if anything has changed?
  • 0

#127
neataznyam
Posted 21 April 2012 - 10:45 PM

neataznyam

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 150 posts
still can't run exe programs
  • 0

#128
RKinner
Posted 21 April 2012 - 11:02 PM

RKinner

    Malware Expert

  • Expert
  • 24,485 posts
  • MVP
Can you get into msconfig:

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Type with an Enter after each line:

msconfig

Click on Diagnostic Startup then OK and Reboot. Any change?
  • 0

#129
neataznyam
Posted 21 April 2012 - 11:25 PM

neataznyam

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 150 posts
sorry no
  • 0

#130
RKinner
Posted 22 April 2012 - 12:39 AM

RKinner

    Malware Expert

  • Expert
  • 24,485 posts
  • MVP
No change or No msconfig doesn't work?

see if you can get

sc query

to work from a Command Prompt. If it works you can try to create a file:

sc query > "%userprofile%\Desktop\junk.txt"

which you can attach or copy and paste into a reply. junk.txt


we can also look at the services in the registry:



reg export HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services "%userprofile%\Desktop\services.txt"

services.txt
  • 0

Advertisements

#131
neataznyam
Posted 22 April 2012 - 12:50 AM

neataznyam

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 150 posts
well i couldn't get online so i tried to go back to normal mode and not the other thing from msconfig and I got a blue screen
  • 0

#132
neataznyam
Posted 22 April 2012 - 12:55 AM

neataznyam

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 150 posts
SERVICE_NAME: AeLookupSvc
DISPLAY_NAME: Application Experience
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: AMD External Events Utility
DISPLAY_NAME: AMD External Events Utility
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: AudioEndpointBuilder
DISPLAY_NAME: Windows Audio Endpoint Builder
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: AudioSrv
DISPLAY_NAME: Windows Audio
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: CryptSvc
DISPLAY_NAME: Cryptographic Services
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: DcomLaunch
DISPLAY_NAME: DCOM Server Process Launcher
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(NOT_STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: Dhcp
DISPLAY_NAME: DHCP Client
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: Dnscache
DISPLAY_NAME: DNS Client
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: DPS
DISPLAY_NAME: Diagnostic Policy Service
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: eventlog
DISPLAY_NAME: Windows Event Log
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: EventSystem
DISPLAY_NAME: COM+ Event System
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: FDResPub
DISPLAY_NAME: Function Discovery Resource Publication
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: FontCache
DISPLAY_NAME: Windows Font Cache Service
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: gpsvc
DISPLAY_NAME: Group Policy Client
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_PRESHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: hidserv
DISPLAY_NAME: Human Interface Device Access
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: LanmanServer
DISPLAY_NAME: Server
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: LanmanWorkstation
DISPLAY_NAME: Workstation
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: lmhosts
DISPLAY_NAME: TCP/IP NetBIOS Helper
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: MMCSS
DISPLAY_NAME: Multimedia Class Scheduler
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: Netman
DISPLAY_NAME: Network Connections
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: netprofm
DISPLAY_NAME: Network List Service
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: NlaSvc
DISPLAY_NAME: Network Location Awareness
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: nsi
DISPLAY_NAME: Network Store Interface Service
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: PcaSvc
DISPLAY_NAME: Program Compatibility Assistant Service
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: PlugPlay
DISPLAY_NAME: Plug and Play
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(NOT_STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: Power
DISPLAY_NAME: Power
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(NOT_STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: ProfSvc
DISPLAY_NAME: User Profile Service
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: RpcEptMapper
DISPLAY_NAME: RPC Endpoint Mapper
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(NOT_STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: RpcSs
DISPLAY_NAME: Remote Procedure Call (RPC)
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(NOT_STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: SamSs
DISPLAY_NAME: Security Accounts Manager
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(NOT_STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: Schedule
DISPLAY_NAME: Task Scheduler
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: SENS
DISPLAY_NAME: System Event Notification Service
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: ShellHWDetection
DISPLAY_NAME: Shell Hardware Detection
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: Spooler
DISPLAY_NAME: Print Spooler
TYPE : 110 WIN32_OWN_PROCESS (interactive)
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: stisvc
DISPLAY_NAME: Windows Image Acquisition (WIA)
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE, PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: SysMain
DISPLAY_NAME: Superfetch
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: TabletServicePen
DISPLAY_NAME: TabletServicePen
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: Themes
DISPLAY_NAME: Themes
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: TrkWks
DISPLAY_NAME: Distributed Link Tracking Client
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: UxSms
DISPLAY_NAME: Desktop Window Manager Session Manager
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: WdiServiceHost
DISPLAY_NAME: Diagnostic Service Host
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: WdiSystemHost
DISPLAY_NAME: Diagnostic System Host
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: WerSvc
DISPLAY_NAME: Windows Error Reporting Service
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: WinHttpAutoProxySvc
DISPLAY_NAME: WinHTTP Web Proxy Auto-Discovery Service
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: Winmgmt
DISPLAY_NAME: Windows Management Instrumentation
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: wlidsvc
DISPLAY_NAME: Windows Live ID Sign-in Assistant
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: WPDBusEnum
DISPLAY_NAME: Portable Device Enumerator Service
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: WSearch
DISPLAY_NAME: Windows Search
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: WTouchService
DISPLAY_NAME: WTouch Service
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0

SERVICE_NAME: wudfsvc
DISPLAY_NAME: Windows Driver Foundation - User-mode Driver Framework
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(NOT_STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
  • 0

#133
neataznyam
Posted 22 April 2012 - 12:56 AM

neataznyam

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 150 posts
this next one is a longggggg file, should I just attatch it?
  • 0

#134
neataznyam
Posted 22 April 2012 - 01:09 AM

neataznyam

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 150 posts
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NET CLR Data]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NET CLR Data\Linkage]
"Export"="2e,00,4e,00,45,00,54,00,20,00,43,00,4c,00,52,00,20,00,44,00,61,00,74,00,61,00,00,00,00,00"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NET CLR Data\Performance]
"IsMultiInstance"=dword:00000001
"CategoryOptions"=dword:00000001
"Open"="OpenPerformanceData"
"Collect"="CollectPerformanceData"
"Close"="ClosePerformanceData"
"Library"="netfxperf.dll"
"Counter Types"=hex:36,00,35,00,35,00,33,00,36,00,00,00,36,00,35,00,35,00,33,\
00,36,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,36,00,35,00,35,00,33,00,\
36,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,36,00,35,00,35,00,33,00,36,\
00,00,00,00,00
"Counter Names"=hex:53,00,71,00,6c,00,43,00,6c,00,69,00,65,00,6e,00,74,00,3a,\
00,20,00,43,00,75,00,72,00,72,00,65,00,6e,00,74,00,20,00,23,00,20,00,70,00,\
6f,00,6f,00,6c,00,65,00,64,00,20,00,61,00,6e,00,64,00,20,00,6e,00,6f,00,6e,\
00,70,00,6f,00,6f,00,6c,00,65,00,64,00,20,00,63,00,6f,00,6e,00,6e,00,65,00,\
63,00,74,00,69,00,6f,00,6e,00,73,00,00,00,53,00,71,00,6c,00,43,00,6c,00,69,\
00,65,00,6e,00,74,00,3a,00,20,00,43,00,75,00,72,00,72,00,65,00,6e,00,74,00,\
20,00,23,00,20,00,70,00,6f,00,6f,00,6c,00,65,00,64,00,20,00,63,00,6f,00,6e,\
00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,73,00,00,00,53,00,71,00,6c,00,\
43,00,6c,00,69,00,65,00,6e,00,74,00,3a,00,20,00,43,00,75,00,72,00,72,00,65,\
00,6e,00,74,00,20,00,23,00,20,00,63,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,\
69,00,6f,00,6e,00,20,00,70,00,6f,00,6f,00,6c,00,73,00,00,00,53,00,71,00,6c,\
00,43,00,6c,00,69,00,65,00,6e,00,74,00,3a,00,20,00,50,00,65,00,61,00,6b,00,\
20,00,23,00,20,00,70,00,6f,00,6f,00,6c,00,65,00,64,00,20,00,63,00,6f,00,6e,\
00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,73,00,00,00,53,00,71,00,6c,00,\
43,00,6c,00,69,00,65,00,6e,00,74,00,3a,00,20,00,54,00,6f,00,74,00,61,00,6c,\
00,20,00,23,00,20,00,66,00,61,00,69,00,6c,00,65,00,64,00,20,00,63,00,6f,00,\
6e,00,6e,00,65,00,63,00,74,00,73,00,00,00,53,00,71,00,6c,00,43,00,6c,00,69,\
00,65,00,6e,00,74,00,3a,00,20,00,54,00,6f,00,74,00,61,00,6c,00,20,00,23,00,\
20,00,66,00,61,00,69,00,6c,00,65,00,64,00,20,00,63,00,6f,00,6d,00,6d,00,61,\
00,6e,00,64,00,73,00,00,00,00,00
"InstallType"=dword:00000001
"PerfIniFile"="_DataPerfCounters_D.ini"
"First Counter"=dword:000013a4
"Last Counter"=dword:000013b0
"First Help"=dword:000013a5
"Last Help"=dword:000013b1
"Object List"="5028"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NET CLR Networking]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NET CLR Networking\Linkage]
"Export"="2e,00,4e,00,45,00,54,00,20,00,43,00,4c,00,52,00,20,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,69,00,6e,00,67,00,00,00,00,00"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NET CLR Networking\Performance]
"IsMultiInstance"=dword:00000001
"FileMappingSize"=dword:00020000
"CategoryOptions"=dword:00000003
"Collect"="CollectPerformanceData"
"Close"="ClosePerformanceData"
"Library"="netfxperf.dll"
"Counter Types"=hex:36,00,35,00,35,00,33,00,36,00,00,00,36,00,35,00,37,00,39,\
00,32,00,00,00,36,00,35,00,37,00,39,00,32,00,00,00,36,00,35,00,35,00,33,00,\
36,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,00,00
"Open"="OpenPerformanceData"
"Counter Names"=hex:43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,\
00,73,00,20,00,45,00,73,00,74,00,61,00,62,00,6c,00,69,00,73,00,68,00,65,00,\
64,00,00,00,42,00,79,00,74,00,65,00,73,00,20,00,52,00,65,00,63,00,65,00,69,\
00,76,00,65,00,64,00,00,00,42,00,79,00,74,00,65,00,73,00,20,00,53,00,65,00,\
6e,00,74,00,00,00,44,00,61,00,74,00,61,00,67,00,72,00,61,00,6d,00,73,00,20,\
00,52,00,65,00,63,00,65,00,69,00,76,00,65,00,64,00,00,00,44,00,61,00,74,00,\
61,00,67,00,72,00,61,00,6d,00,73,00,20,00,53,00,65,00,6e,00,74,00,00,00,00,\
00
"InstallType"=dword:00000001
"PerfIniFile"="_Networkingperfcounters_D.ini"
"First Counter"=dword:0000137a
"Last Counter"=dword:00001384
"First Help"=dword:0000137b
"Last Help"=dword:00001385
"Object List"="4986"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NET CLR Networking 4.0.0.0]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NET CLR Networking 4.0.0.0\Linkage]
"Export"=hex(7):2e,00,4e,00,45,00,54,00,20,00,43,00,4c,00,52,00,20,00,4e,00,65,\
00,74,00,77,00,6f,00,72,00,6b,00,69,00,6e,00,67,00,20,00,34,00,2e,00,30,00,\
2e,00,30,00,2e,00,30,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NET CLR Networking 4.0.0.0\Performance]
"Counter Names"=hex(7):43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,\
6e,00,73,00,20,00,45,00,73,00,74,00,61,00,62,00,6c,00,69,00,73,00,68,00,65,\
00,64,00,00,00,42,00,79,00,74,00,65,00,73,00,20,00,52,00,65,00,63,00,65,00,\
69,00,76,00,65,00,64,00,00,00,42,00,79,00,74,00,65,00,73,00,20,00,53,00,65,\
00,6e,00,74,00,00,00,44,00,61,00,74,00,61,00,67,00,72,00,61,00,6d,00,73,00,\
20,00,52,00,65,00,63,00,65,00,69,00,76,00,65,00,64,00,00,00,44,00,61,00,74,\
00,61,00,67,00,72,00,61,00,6d,00,73,00,20,00,53,00,65,00,6e,00,74,00,00,00,\
48,00,74,00,74,00,70,00,57,00,65,00,62,00,52,00,65,00,71,00,75,00,65,00,73,\
00,74,00,73,00,20,00,43,00,72,00,65,00,61,00,74,00,65,00,64,00,2f,00,53,00,\
65,00,63,00,00,00,48,00,74,00,74,00,70,00,57,00,65,00,62,00,52,00,65,00,71,\
00,75,00,65,00,73,00,74,00,73,00,20,00,41,00,76,00,65,00,72,00,61,00,67,00,\
65,00,20,00,4c,00,69,00,66,00,65,00,74,00,69,00,6d,00,65,00,00,00,48,00,74,\
00,74,00,70,00,57,00,65,00,62,00,52,00,65,00,71,00,75,00,65,00,73,00,74,00,\
73,00,20,00,41,00,76,00,65,00,72,00,61,00,67,00,65,00,20,00,4c,00,69,00,66,\
00,65,00,74,00,69,00,6d,00,65,00,20,00,42,00,61,00,73,00,65,00,00,00,48,00,\
74,00,74,00,70,00,57,00,65,00,62,00,52,00,65,00,71,00,75,00,65,00,73,00,74,\
00,73,00,20,00,51,00,75,00,65,00,75,00,65,00,64,00,2f,00,53,00,65,00,63,00,\
00,00,48,00,74,00,74,00,70,00,57,00,65,00,62,00,52,00,65,00,71,00,75,00,65,\
00,73,00,74,00,73,00,20,00,41,00,76,00,65,00,72,00,61,00,67,00,65,00,20,00,\
51,00,75,00,65,00,75,00,65,00,20,00,54,00,69,00,6d,00,65,00,00,00,48,00,74,\
00,74,00,70,00,57,00,65,00,62,00,52,00,65,00,71,00,75,00,65,00,73,00,74,00,\
73,00,20,00,41,00,76,00,65,00,72,00,61,00,67,00,65,00,20,00,51,00,75,00,65,\
00,75,00,65,00,20,00,54,00,69,00,6d,00,65,00,20,00,42,00,61,00,73,00,65,00,\
00,00,48,00,74,00,74,00,70,00,57,00,65,00,62,00,52,00,65,00,71,00,75,00,65,\
00,73,00,74,00,73,00,20,00,41,00,62,00,6f,00,72,00,74,00,65,00,64,00,2f,00,\
53,00,65,00,63,00,00,00,48,00,74,00,74,00,70,00,57,00,65,00,62,00,52,00,65,\
00,71,00,75,00,65,00,73,00,74,00,73,00,20,00,46,00,61,00,69,00,6c,00,65,00,\
64,00,2f,00,53,00,65,00,63,00,00,00,00,00
"Counter Types"=hex(7):36,00,35,00,35,00,33,00,36,00,00,00,36,00,35,00,37,00,\
39,00,32,00,00,00,36,00,35,00,37,00,39,00,32,00,00,00,36,00,35,00,35,00,33,\
00,36,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,34,00,31,00,39,00,35,00,\
33,00,32,00,38,00,00,00,31,00,30,00,37,00,33,00,38,00,37,00,34,00,31,00,37,\
00,36,00,00,00,31,00,30,00,37,00,33,00,39,00,33,00,39,00,34,00,35,00,38,00,\
00,00,34,00,31,00,39,00,35,00,33,00,32,00,38,00,00,00,31,00,30,00,37,00,33,\
00,38,00,37,00,34,00,31,00,37,00,36,00,00,00,31,00,30,00,37,00,33,00,39,00,\
33,00,39,00,34,00,35,00,38,00,00,00,34,00,31,00,39,00,35,00,33,00,32,00,38,\
00,00,00,34,00,31,00,39,00,35,00,33,00,32,00,38,00,00,00,00,00
"Library"="netfxperf.dll"
"Close"="ClosePerformanceData"
"Collect"="CollectPerformanceData"
"Open"="OpenPerformanceData"
"IsMultiInstance"=dword:00000001
"FileMappingSize"=dword:00020000
"CategoryOptions"=dword:00000003
"PerfIniFile"="_Networkingperfcounters.ini"
"Last Counter"=dword:00001a68
"Last Help"=dword:00001a69
"First Counter"=dword:00001a4e
"First Help"=dword:00001a4f
"Object List"="6734"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NET Data Provider for Oracle]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NET Data Provider for Oracle\Linkage]
"Export"="2e,00,4e,00,45,00,54,00,20,00,44,00,61,00,74,00,61,00,20,00,50,00,72,00,6f,00,76,00,69,00,64,00,65,00,72,00,20,00,66,00,6f,00,72,00,20,00,4f,00,72,00,61,00,63,00,6c,00,65,00,00,00,00,00"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NET Data Provider for Oracle\Performance]
"Close"="ClosePerformanceData"
"Counter Names"=hex:48,00,61,00,72,00,64,00,43,00,6f,00,6e,00,6e,00,65,00,63,\
00,74,00,73,00,50,00,65,00,72,00,53,00,65,00,63,00,6f,00,6e,00,64,00,00,00,\
48,00,61,00,72,00,64,00,44,00,69,00,73,00,63,00,6f,00,6e,00,6e,00,65,00,63,\
00,74,00,73,00,50,00,65,00,72,00,53,00,65,00,63,00,6f,00,6e,00,64,00,00,00,\
53,00,6f,00,66,00,74,00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,73,00,50,\
00,65,00,72,00,53,00,65,00,63,00,6f,00,6e,00,64,00,00,00,53,00,6f,00,66,00,\
74,00,44,00,69,00,73,00,63,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,73,00,50,\
00,65,00,72,00,53,00,65,00,63,00,6f,00,6e,00,64,00,00,00,4e,00,75,00,6d,00,\
62,00,65,00,72,00,4f,00,66,00,4e,00,6f,00,6e,00,50,00,6f,00,6f,00,6c,00,65,\
00,64,00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,73,00,\
00,00,4e,00,75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,50,00,6f,00,6f,00,6c,\
00,65,00,64,00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,\
73,00,00,00,4e,00,75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,41,00,63,00,74,\
00,69,00,76,00,65,00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,\
6e,00,50,00,6f,00,6f,00,6c,00,47,00,72,00,6f,00,75,00,70,00,73,00,00,00,4e,\
00,75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,49,00,6e,00,61,00,63,00,74,00,\
69,00,76,00,65,00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,\
00,50,00,6f,00,6f,00,6c,00,47,00,72,00,6f,00,75,00,70,00,73,00,00,00,4e,00,\
75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,41,00,63,00,74,00,69,00,76,00,65,\
00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,50,00,6f,00,\
6f,00,6c,00,73,00,00,00,4e,00,75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,49,\
00,6e,00,61,00,63,00,74,00,69,00,76,00,65,00,43,00,6f,00,6e,00,6e,00,65,00,\
63,00,74,00,69,00,6f,00,6e,00,50,00,6f,00,6f,00,6c,00,73,00,00,00,4e,00,75,\
00,6d,00,62,00,65,00,72,00,4f,00,66,00,41,00,63,00,74,00,69,00,76,00,65,00,\
43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,73,00,00,00,4e,\
00,75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,46,00,72,00,65,00,65,00,43,00,\
6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,73,00,00,00,4e,00,75,\
00,6d,00,62,00,65,00,72,00,4f,00,66,00,53,00,74,00,61,00,73,00,69,00,73,00,\
43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,73,00,00,00,4e,\
00,75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,52,00,65,00,63,00,6c,00,61,00,\
69,00,6d,00,65,00,64,00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,\
00,6e,00,73,00,00,00,00,00
"IsMultiInstance"=dword:00000001
"Collect"="CollectPerformanceData"
"Open"="OpenPerformanceData"
"Library"="netfxperf.dll"
"Counter Types"=hex:32,00,37,00,32,00,36,00,39,00,36,00,33,00,32,00,30,00,00,\
00,32,00,37,00,32,00,36,00,39,00,36,00,33,00,32,00,30,00,00,00,32,00,37,00,\
32,00,36,00,39,00,36,00,33,00,32,00,30,00,00,00,32,00,37,00,32,00,36,00,39,\
00,36,00,33,00,32,00,30,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,36,00,\
35,00,35,00,33,00,36,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,36,00,35,\
00,35,00,33,00,36,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,36,00,35,00,\
35,00,33,00,36,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,36,00,35,00,35,\
00,33,00,36,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,36,00,35,00,35,00,\
33,00,36,00,00,00,00,00
"FileMappingSize"=dword:00020000
"CategoryOptions"=dword:00000003
"InstallType"=dword:00000001
"PerfIniFile"="_DataOracleClientPerfCounters_shared12_neutral.ini"
"First Counter"=dword:00001462
"Last Counter"=dword:0000147e
"First Help"=dword:00001463
"Last Help"=dword:0000147f
"Object List"="5218"
  • 0

#135
neataznyam
Posted 22 April 2012 - 01:16 AM

neataznyam

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 150 posts
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NET Data Provider for SqlServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NET Data Provider for SqlServer\Linkage]
"Export"="2e,00,4e,00,45,00,54,00,20,00,44,00,61,00,74,00,61,00,20,00,50,00,72,00,6f,00,76,00,69,00,64,00,65,00,72,00,20,00,66,00,6f,00,72,00,20,00,53,00,71,00,6c,00,53,00,65,00,72,00,76,00,65,00,72,00,00,00,00,00"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NET Data Provider for SqlServer\Performance]
"Open"="OpenPerformanceData"
"CategoryOptions"=dword:00000003
"Counter Names"=hex:48,00,61,00,72,00,64,00,43,00,6f,00,6e,00,6e,00,65,00,63,\
00,74,00,73,00,50,00,65,00,72,00,53,00,65,00,63,00,6f,00,6e,00,64,00,00,00,\
48,00,61,00,72,00,64,00,44,00,69,00,73,00,63,00,6f,00,6e,00,6e,00,65,00,63,\
00,74,00,73,00,50,00,65,00,72,00,53,00,65,00,63,00,6f,00,6e,00,64,00,00,00,\
53,00,6f,00,66,00,74,00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,73,00,50,\
00,65,00,72,00,53,00,65,00,63,00,6f,00,6e,00,64,00,00,00,53,00,6f,00,66,00,\
74,00,44,00,69,00,73,00,63,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,73,00,50,\
00,65,00,72,00,53,00,65,00,63,00,6f,00,6e,00,64,00,00,00,4e,00,75,00,6d,00,\
62,00,65,00,72,00,4f,00,66,00,4e,00,6f,00,6e,00,50,00,6f,00,6f,00,6c,00,65,\
00,64,00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,73,00,\
00,00,4e,00,75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,50,00,6f,00,6f,00,6c,\
00,65,00,64,00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,\
73,00,00,00,4e,00,75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,41,00,63,00,74,\
00,69,00,76,00,65,00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,\
6e,00,50,00,6f,00,6f,00,6c,00,47,00,72,00,6f,00,75,00,70,00,73,00,00,00,4e,\
00,75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,49,00,6e,00,61,00,63,00,74,00,\
69,00,76,00,65,00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,\
00,50,00,6f,00,6f,00,6c,00,47,00,72,00,6f,00,75,00,70,00,73,00,00,00,4e,00,\
75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,41,00,63,00,74,00,69,00,76,00,65,\
00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,50,00,6f,00,\
6f,00,6c,00,73,00,00,00,4e,00,75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,49,\
00,6e,00,61,00,63,00,74,00,69,00,76,00,65,00,43,00,6f,00,6e,00,6e,00,65,00,\
63,00,74,00,69,00,6f,00,6e,00,50,00,6f,00,6f,00,6c,00,73,00,00,00,4e,00,75,\
00,6d,00,62,00,65,00,72,00,4f,00,66,00,41,00,63,00,74,00,69,00,76,00,65,00,\
43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,73,00,00,00,4e,\
00,75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,46,00,72,00,65,00,65,00,43,00,\
6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,73,00,00,00,4e,00,75,\
00,6d,00,62,00,65,00,72,00,4f,00,66,00,53,00,74,00,61,00,73,00,69,00,73,00,\
43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,00,6e,00,73,00,00,00,4e,\
00,75,00,6d,00,62,00,65,00,72,00,4f,00,66,00,52,00,65,00,63,00,6c,00,61,00,\
69,00,6d,00,65,00,64,00,43,00,6f,00,6e,00,6e,00,65,00,63,00,74,00,69,00,6f,\
00,6e,00,73,00,00,00,00,00
"Close"="ClosePerformanceData"
"Library"="netfxperf.dll"
"Counter Types"=hex:32,00,37,00,32,00,36,00,39,00,36,00,33,00,32,00,30,00,00,\
00,32,00,37,00,32,00,36,00,39,00,36,00,33,00,32,00,30,00,00,00,32,00,37,00,\
32,00,36,00,39,00,36,00,33,00,32,00,30,00,00,00,32,00,37,00,32,00,36,00,39,\
00,36,00,33,00,32,00,30,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,36,00,\
35,00,35,00,33,00,36,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,36,00,35,\
00,35,00,33,00,36,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,36,00,35,00,\
35,00,33,00,36,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,36,00,35,00,35,\
00,33,00,36,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,36,00,35,00,35,00,\
33,00,36,00,00,00,00,00
"IsMultiInstance"=dword:00000001
"FileMappingSize"=dword:00020000
"Collect"="CollectPerformanceData"
"InstallType"=dword:00000001
"PerfIniFile"="_dataperfcounters_shared12_neutral_D.ini"
"First Counter"=dword:00001386
"Last Counter"=dword:000013a2
"First Help"=dword:00001387
"Last Help"=dword:000013a3
"Object List"="4998"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NET Memory Cache 4.0]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NET Memory Cache 4.0\Linkage]
"Export"=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NET Memory Cache 4.0\Performance]
"Library"="netfxperf.dll"
"Open"="OpenPerformanceData"
"Collect"="CollectPerformanceData"
"Close"="ClosePerformanceData"
"IsMultiInstance"=dword:00000001
"FileMappingSize"=dword:00020000
"CategoryOptions"=dword:00000003
"Counter Types"=hex:36,00,35,00,35,00,33,00,36,00,00,00,36,00,35,00,35,00,33,\
00,36,00,00,00,35,00,33,00,37,00,30,00,30,00,33,00,30,00,30,00,38,00,00,00,\
31,00,30,00,37,00,33,00,39,00,33,00,39,00,34,00,35,00,39,00,00,00,36,00,35,\
00,35,00,33,00,36,00,00,00,36,00,35,00,35,00,33,00,36,00,00,00,32,00,37,00,\
32,00,36,00,39,00,36,00,33,00,32,00,30,00,00,00,00,00
"Counter Names"=hex:43,00,61,00,63,00,68,00,65,00,20,00,48,00,69,00,74,00,73,\
00,00,00,43,00,61,00,63,00,68,00,65,00,20,00,4d,00,69,00,73,00,73,00,65,00,\
73,00,00,00,43,00,61,00,63,00,68,00,65,00,20,00,48,00,69,00,74,00,20,00,52,\
00,61,00,74,00,69,00,6f,00,00,00,43,00,61,00,63,00,68,00,65,00,20,00,48,00,\
69,00,74,00,20,00,52,00,61,00,74,00,69,00,6f,00,20,00,42,00,61,00,73,00,65,\
00,00,00,43,00,61,00,63,00,68,00,65,00,20,00,54,00,72,00,69,00,6d,00,73,00,\
00,00,43,00,61,00,63,00,68,00,65,00,20,00,45,00,6e,00,74,00,72,00,69,00,65,\
00,73,00,00,00,43,00,61,00,63,00,68,00,65,00,20,00,54,00,75,00,72,00,6e,00,\
6f,00,76,00,65,00,72,00,20,00,52,00,61,00,74,00,65,00,00,00,00,00
"PerfIniFile"="netmemorycache.ini"
"Last Counter"=dword:00001a78
"Last Help"=dword:00001a79
"First Counter"=dword:00001a6a
"First Help"=dword:00001a6b
"Object List"="6762"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NETFramework]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\.NETFramework\Performance]
"Close"="CloseCtrs"
"Collect"="CollectCtrs"
"Open"="OpenCtrs"
"Library"="mscoree.dll"
"InstallType"=dword:00000001
"PerfIniFile"="corperfmonsymbols_D.ini"
"First Counter"=dword:000013b2
"Last Counter"=dword:00001460
"First Help"=dword:000013b3
"Last Help"=dword:00001461

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\1394ohci]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,00,72,\
00,69,00,76,00,65,00,72,00,73,00,5c,00,31,00,33,00,39,00,34,00,6f,00,68,00,\
63,00,69,00,2e,00,73,00,79,00,73,00,00,00
"DisplayName"="1394 OHCI Compliant Host Controller"
"DriverPackageId"="1394.inf_amd64_neutral_c7fb486a9758e3d8"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\1394ohci\Parameters]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ACPI]
"Start"=dword:00000000
"Type"=dword:00000001
"ErrorControl"=dword:00000003
"ImagePath"=hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,00,\
72,00,69,00,76,00,65,00,72,00,73,00,5c,00,41,00,43,00,50,00,49,00,2e,00,73,\
00,79,00,73,00,00,00
"DisplayName"="Microsoft ACPI Driver"
"Group"="Boot Bus Extender"
"DriverPackageId"="acpi.inf_amd64_neutral_2a841284c9de8962"
"Tag"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ACPI\Parameters]
"WHEAOSCImplemented"=hex:00,00,00,00
"AMLIMaxCTObjs"=hex:00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ACPI\Parameters\WakeUp]
"FixedEventMask"=hex:20,05
"FixedEventStatus"=hex:00,81
"GenericEventMask"=hex:00,28,00,00,00,00,00,00,00,00,00,00
"GenericEventStatus"=hex:40,00,00,00,fb,77,7d,e0,1b,98,ff,7f

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ACPI\Enum]
"0"="ACPI_HAL\\PNP0C08\\0"
"Count"=dword:00000001
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AcpiPmi]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,00,72,\
00,69,00,76,00,65,00,72,00,73,00,5c,00,61,00,63,00,70,00,69,00,70,00,6d,00,\
69,00,2e,00,73,00,79,00,73,00,00,00
"DisplayName"="ACPI Power Meter Driver"
"DriverPackageId"="acpipmi.inf_amd64_neutral_21e3ebca2e5038cb"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\adfs]
"ErrorControl"=dword:00000001
"Start"=dword:00000002
"Type"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\adfs\Enum]
"0"="Root\\LEGACY_ADFS\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AdobeARMservice]
"Type"=dword:00000010
"Start"=dword:00000002
"ErrorControl"=dword:00000000
"ImagePath"=hex(2):22,00,43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,\
6d,00,20,00,46,00,69,00,6c,00,65,00,73,00,20,00,28,00,78,00,38,00,36,00,29,\
00,5c,00,43,00,6f,00,6d,00,6d,00,6f,00,6e,00,20,00,46,00,69,00,6c,00,65,00,\
73,00,5c,00,41,00,64,00,6f,00,62,00,65,00,5c,00,41,00,52,00,4d,00,5c,00,31,\
00,2e,00,30,00,5c,00,61,00,72,00,6d,00,73,00,76,00,63,00,2e,00,65,00,78,00,\
65,00,22,00,00,00
"DisplayName"="Adobe Acrobat Update Service"
"ObjectName"="LocalSystem"
"Description"="Adobe Acrobat Updater keeps your Adobe software up to date."

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AdobeDriveCS4_NP]
"DisplayName"="Adobe Drive CS4 NP"
"Group"="NetworkProvider"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AdobeDriveCS4_NP\NetworkProvider]
"Class"=dword:00000003
"DeviceName"="\\Device\\ADVirtualDisk\\Volume"
"Name"="Adobe Drive CS4 Network"
"ProviderPath"="C:\\Program Files (x86)\\Common Files\\Adobe\\Adobe Drive CS4\\AdobeDriveCS4_NP.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\adp94xx]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
00,49,00,56,00,45,00,52,00,53,00,5c,00,61,00,64,00,70,00,39,00,34,00,78,00,\
78,00,2e,00,73,00,79,00,73,00,00,00
"Group"="SCSI Miniport"
"DriverPackageId"="adp94xx.inf_amd64_neutral_4928c8870f6a1577"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\adp94xx\Parameters]
"BusType"=dword:00000008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\adp94xx\Parameters\Device]
"DriverParameter"="DisableIoctl=1;"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\adp94xx\Parameters\PnpInterface]
"5"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\adpahci]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
00,49,00,56,00,45,00,52,00,53,00,5c,00,61,00,64,00,70,00,61,00,68,00,63,00,\
69,00,2e,00,73,00,79,00,73,00,00,00
"Group"="SCSI Miniport"
"DriverPackageId"="adpahci.inf_amd64_neutral_b082e95ec9f8c3f9"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\adpahci\Parameters]
"BusType"=dword:00000008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\adpahci\Parameters\Device]
"DriverParameter"="DisableIoctl=1;"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\adpahci\Parameters\PnpInterface]
"5"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\adpu320]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
00,49,00,56,00,45,00,52,00,53,00,5c,00,61,00,64,00,70,00,75,00,33,00,32,00,\
30,00,2e,00,73,00,79,00,73,00,00,00
"Group"="SCSI Miniport"
"DriverPackageId"="adpu320.inf_amd64_neutral_4ea3d42a9839982a"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\adpu320\Parameters]
"BusType"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\adpu320\Parameters\Device]
"DriverParameter"="/MAXTAGS=64"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\adpu320\Parameters\PnpInterface]
"5"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\adsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\adsi\Cache]
"PerMachine"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\adsi\tracing]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AeLookupSvc]
"DisplayName"="@%SystemRoot%\\system32\\aelupsvc.dll,-1"
"ImagePath"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,00,6f,00,\
74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00
"Description"="@%SystemRoot%\\system32\\aelupsvc.dll,-2"
"ObjectName"="localSystem"
"ErrorControl"=dword:00000001
"Start"=dword:00000003
"Type"=dword:00000020
"RequiredPrivileges"=hex(7):53,00,65,00,54,00,63,00,62,00,50,00,72,00,69,00,76,\
00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,49,00,6d,00,70,00,65,00,\
72,00,73,00,6f,00,6e,00,61,00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,\
00,65,00,67,00,65,00,00,00,00,00
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,60,ea,00,00,01,00,00,00,60,ea,00,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AeLookupSvc\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
61,00,65,00,6c,00,75,00,70,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,\
00
"ServiceDllUnloadOnStop"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AeLookupSvc\TriggerInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AeLookupSvc\TriggerInfo\0]
"Type"=dword:00000014
"Action"=dword:00000001
"GUID"=hex:fd,a5,f4,18,3b,fd,a5,40,8f,c2,e5,d2,61,c5,d0,2e

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AFD]
"BootFlags"=dword:00000001
"DisplayName"="@%systemroot%\\system32\\drivers\\afd.sys,-1000"
"Group"="PNP_TDI"
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,00,72,\
00,69,00,76,00,65,00,72,00,73,00,5c,00,61,00,66,00,64,00,2e,00,73,00,79,00,\
73,00,00,00
"Description"="@%systemroot%\\system32\\drivers\\afd.sys,-1000"
"ErrorControl"=dword:00000001
"Start"=dword:00000001
"Type"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AFD\Parameters]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\AFD\Enum]
"0"="Root\\LEGACY_AFD\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\agp440]
"Start"=dword:00000003
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,00,72,\
00,69,00,76,00,65,00,72,00,73,00,5c,00,61,00,67,00,70,00,34,00,34,00,30,00,\
2e,00,73,00,79,00,73,00,00,00
"DisplayName"="Intel AGP Bus Filter"
"Group"="PnP Filter"
"DriverPackageId"="machine.inf_amd64_neutral_9e6bb86c3b39a3e9"
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP