I recently installed Windows 7 Ultimate 64bit on a new machine.

I'm sure that the machine is 'clean' - it's only contact with the internet so far is for Windows Update (I preinstalled SpyBot, AntiVir antivirus and ZoneAlarm firewall).

Whilst browsing the registry to check an unrelated seperate issue I found a registry 'run' key (startup entry):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

which did not appear in the "Startup entries" listing of SpyBot.

Of course this is just an unnecessary but non-malicious startup added Realtek audio driver software which is part of the motherboard driver installation.

So I think that this may well be a bug (though I haven't tried to add anything else to this key to see if that too is missed).

SpyBot did list entries in other startup keys eg:

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run

C:\Installed Apps\Avira\AntiVir Desktop\avgnt.exe

and:

HKEY_USERS\S-1-5-......\Software\Microsoft\Windows\CurrentVersion\Run

C:\Installed Apps\Spybot - Search & Destroy\TeaTimer.exe

Any thoughts?

Regards,
Steve

Hello,

Did you open Spybot with a right click and choose "run as administrator/take ownership" (http://www.safer-networking.org/en/faq/42.html)?

Best regards
Sandra
Team Spybot

Hi Sandra,

Sorry for the delay replying - been busy getting new machine setup and clearing snowdrifts.

I am definitely running as administrator (one of the first things I did was edit the properties of the shortcut to "run as administrator" by default).


Since my original post I moved Teatimer from HK_CU to HK_LM, it then also dissappeared from the startup list.
(FYI I did this before in XP as it saves having to keep track of several user startup entries for the same thing - it seems to work fine - I did once exchange a couple of emails with yourselves about this amongst some other suggestions).

So there is definitely an issue here.

Anyway I would expect all the registry keys to have similar permissions.
This is a clean new-install from Win7 media and I haven't installed anthing strange or made any Registry edits.

Regards,
Steve

(PS See also my post about missing Imunisations, which may be related.)

i installed today the latest version of SpyBot S&D and all the available updates on Windows 7 Professional 64 bit.

I tried to run it both with administrator privileges and without.

On Windows 64 bit there are two places in the registry with the startup executables:

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run

and

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

the first for 32bit applications running on the WOW layer, the second for 64 bit applications.
All registry keys used by 32 bit applications are under the "Wow6432Node" key.

It seems that "System Startup" utility included in SpyBot just sees programs under

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run

maybe it isn't 64bit aware?

BTW, sometimes bugs are caused by localization problems: my version of Windows 7 is the italian one, just in case you need the information.

I just installed Spybot 1.6.2.46 on a new machine and I'm seeing the same problem. I tried to use Spybot's System Startup screen to stop some OEM bloatware from loading, and found that the program I was trying to kill wasn't listed. Once I got in to Windows' own System Configuration utility (which took a while, because I haven't needed to use it in years) and compared the list there to Spybot's, I found the situation to be exactly as SpyBotRunner described it. My guess is that since this version of Spybot is a 32-bit program, Windows itself hides the 64-bit registry locations from it, and that this won't get resolved until Spybot is recompiled to run as a 64-bit native application.

I came here looking to see if there was a 64-bit version or some other workaround for this, but apparently not. Oh well.