Just checking...

**Bravura** · 2006-11-08, 02:45

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32\Terminal Server\RDP]
"wave"="rdpsnd.dll"
"MaxBandwidth"=dword:000056b9
"wavemapper"="msacm32.drv"
"EnableMP3Codec"=dword:00000001
"midimapper"="midimap.dll"
"mixer"="rdpsnd.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EFS]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Embedding]
"PBrush"="Paintbrush Picture,Paintbrush Picture,pbrush.exe,picture"
"SoundRec"="Sound,Sound,sndrec32.exe,picture"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Event Viewer]
"MicrosoftRedirectionURL"="http://go.microsoft.com/fwlink/events.asp"
"MicrosoftRedirectionProgram"=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,50,\
43,48,65,61,6c,74,68,5c,48,65,6c,70,43,74,72,5c,42,69,6e,61,72,69,65,73,5c,\
48,65,6c,70,43,74,72,2e,65,78,65,00
"MicrosoftRedirectionProgramCommandLineParameters"="-url hcp://services/centers/support?topic=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\File Manager]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\File Manager\AddOns]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Font Drivers]
"Adobe Type Manager"="atmfd.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontDPI]
"LogPixels"=dword:00000060

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontMapper]
"ARIAL"=dword:00000000
"COURIER"=dword:00008800
"COURIER NEW"=dword:00008000
"FIXEDSYS"=dword:00009000
"MS SANS SERIF"=dword:00001000
"MS SERIF"=dword:00005000
"SMALL FONTS"=dword:00000800
"SYMBOL"=dword:00004002
"SYMBOL1"=dword:0000a002
"TIMES NEW ROMAN"=dword:00004000
"WINGDINGS"=dword:00000002
"WINGDINGS2"=dword:00008002
"DEFAULT"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts]
"Roman (All res)"="ROMAN.FON"
"Script (All res)"="SCRIPT.FON"
"Modern (All res)"="MODERN.FON"
"Small Fonts (VGA res)"="SMALLE.FON"
"Arial (TrueType)"="ARIAL.TTF"
"Arial Bold (TrueType)"="ARIALBD.TTF"
"Arial Bold Italic (TrueType)"="ARIALBI.TTF"
"Arial Italic (TrueType)"="ARIALI.TTF"
"Courier New (TrueType)"="COUR.TTF"
"Courier New Bold (TrueType)"="COURBD.TTF"
"Courier New Bold Italic (TrueType)"="COURBI.TTF"
"Courier New Italic (TrueType)"="COURI.TTF"
"Lucida Console (TrueType)"="LUCON.TTF"
"Lucida Sans Unicode (TrueType)"="L_10646.TTF"
"Times New Roman (TrueType)"="TIMES.TTF"
"Times New Roman Bold (TrueType)"="TIMESBD.TTF"
"Times New Roman Bold Italic (TrueType)"="TIMESBI.TTF"
"Times New Roman Italic (TrueType)"="TIMESI.TTF"
"WingDings (TrueType)"="WINGDING.TTF"
"Symbol (TrueType)"="SYMBOL.TTF"
"Symbol 8,10,12,14,18,24 (VGA res)"="SYMBOLE.FON"
"Verdana (TrueType)"="verdana.TTF"
"Verdana Bold (TrueType)"="verdanab.TTF"
"Verdana Italic (TrueType)"="verdanai.TTF"
"Verdana Bold Italic (TrueType)"="verdanaz.TTF"
"Arial Black (TrueType)"="ARIBLK.TTF"
"Comic Sans MS (TrueType)"="comic.TTF"
"Comic Sans MS Bold (TrueType)"="comicbd.TTF"
"Impact (TrueType)"="impact.TTF"
"Georgia (TrueType)"="georgia.TTF"
"Georgia Bold (TrueType)"="georgiab.TTF"
"Georgia Bold Italic (TrueType)"="georgiaz.TTF"
"Georgia Italic (TrueType)"="georgiai.TTF"
"Franklin Gothic Medium (TrueType)"="Framd.TTF"
"Franklin Gothic Medium Italic (TrueType)"="Framdit.TTF"
"Palatino Linotype (TrueType)"="pala.TTF"
"Palatino Linotype Bold (TrueType)"="palab.TTF"
"Palatino Linotype Bold Italic (TrueType)"="palabi.TTF"
"Palatino Linotype Italic (TrueType)"="palai.TTF"
"Tahoma Bold (TrueType)"="TAHOMABD.TTF"
"Trebuchet MS (TrueType)"="trebuc.TTF"
"Trebuchet MS Bold (TrueType)"="trebucbd.TTF"
"Trebuchet MS Bold Italic (TrueType)"="trebucbi.TTF"
"Trebuchet MS Italic (TrueType)"="trebucit.TTF"
"Webdings (TrueType)"="webdings.TTF"
"Estrangelo Edessa (TrueType)"="estre.TTF"
"Gautami (TrueType)"="gautami.TTF"
"Latha (TrueType)"="latha.TTF"
"Mangal (TrueType)"="mangal.TTF"
"Mv Boli (TrueType)"="mvboli.TTF"
"Raavi (TrueType)"="raavi.TTF"
"Shruti (TrueType)"="shruti.TTF"
"Tunga (TrueType)"="tunga.TTF"
"Sylfaen (TrueType)"="sylfaen.TTF"
"WST_Czec (All res)"="wst_czec.FON"
"WST_Engl (All res)"="wst_engl.FON"
"WST_Fren (All res)"="wst_fren.FON"
"WST_Germ (All res)"="wst_germ.FON"
"WST_Ital (All res)"="wst_ital.FON"
"WST_Span (All res)"="wst_span.FON"
"WST_Swed (All res)"="wst_swed.FON"
"Courier 10,12,15 (VGA res)"="COURE.FON"
"MS Sans Serif 8,10,12,14,18,24 (VGA res)"="SSERIFE.FON"
"MS Serif 8,10,12,14,18,24 (VGA res)"="SERIFE.FON"
"Tahoma (TrueType)"="TAHOMA.TTF"
"Microsoft Sans Serif (TrueType)"="MICROSS.TTF"
"Agency FB Bold (TrueType)"="AGENCYB.TTF"
"Algerian (TrueType)"="ALGER.TTF"
"Arial Narrow (TrueType)"="ARIALN.TTF"
"Arial Rounded MT Bold (TrueType)"="ARLRDBD.TTF"
"Baskerville Old Face (TrueType)"="BASKVILL.TTF"
"Bauhaus 93 (TrueType)"="BAUHS93.TTF"
"Bell MT (TrueType)"="BELL.TTF"
"Berlin Sans FB Bold (TrueType)"="BRLNSB.TTF"
"Bernard MT Condensed (TrueType)"="BERNHC.TTF"
"Blackadder ITC (TrueType)"="ITCBLKAD.TTF"
"Bodoni MT (TrueType)"="BOD_R.TTF"
"Bodoni MT Black (TrueType)"="BOD_BLAR.TTF"
"Bodoni MT Condensed (TrueType)"="BOD_CR.TTF"
"Bodoni MT Poster Compressed (TrueType)"="BOD_PSTC.TTF"
"Book Antiqua (TrueType)"="BKANT.TTF"
"Bookman Old Style (TrueType)"="BOOKOS.TTF"
"Bradley Hand ITC (TrueType)"="BRADHITC.TTF"
"Britannic Bold (TrueType)"="BRITANIC.TTF"
"Broadway (TrueType)"="BROADW.TTF"
"Brush Script MT Italic (TrueType)"="BRUSHSCI.TTF"
"Californian FB (TrueType)"="CALIFR.TTF"
"Calisto MT (TrueType)"="CALIST.TTF"
"Castellar (TrueType)"="CASTELAR.TTF"
"Centaur (TrueType)"="CENTAUR.TTF"
"Century Gothic (TrueType)"="GOTHIC.TTF"
"Century Schoolbook (TrueType)"="CENSCBK.TTF"
"Chiller (TrueType)"="CHILLER.TTF"
"Colonna MT (TrueType)"="COLONNA.TTF"
"Cooper Black (TrueType)"="COOPBL.TTF"
"Copperplate Gothic Bold (TrueType)"="COPRGTB.TTF"
"Copperplate Gothic Light (TrueType)"="COPRGTL.TTF"
"Curlz MT (TrueType)"="CURLZ___.TTF"
"Edwardian Script ITC (TrueType)"="ITCEDSCR.TTF"
"Elephant (TrueType)"="ELEPHNT.TTF"
"Engravers MT (TrueType)"="ENGR.TTF"
"Eras Bold ITC (TrueType)"="ERASBD.TTF"
"Eras Demi ITC (TrueType)"="ERASDEMI.TTF"
"Eras Light ITC (TrueType)"="ERASLGHT.TTF"
"Eras Medium ITC (TrueType)"="ERASMD.TTF"
"Felix Titling (TrueType)"="FELIXTI.TTF"
"Footlight MT Light (TrueType)"="FTLTLT.TTF"
"Forte (TrueType)"="FORTE.TTF"
"Franklin Gothic Book (TrueType)"="FRABK.TTF"
"Franklin Gothic Demi (TrueType)"="FRADM.TTF"
"Franklin Gothic Demi Cond (TrueType)"="FRADMCN.TTF"
"Franklin Gothic Heavy (TrueType)"="FRAHV.TTF"
"Franklin Gothic Medium Cond (TrueType)"="FRAMDCN.TTF"
"Freestyle Script (TrueType)"="FREESCPT.TTF"
"French Script MT (TrueType)"="FRSCRIPT.TTF"
"Garamond (TrueType)"="GARA.TTF"
"Gigi (TrueType)"="GIGI.TTF"
"Gill Sans MT Ext Condensed Bold (TrueType)"="GLSNECB.TTF"
"Gill Sans MT (TrueType)"="GIL_____.TTF"
"Gill Sans MT Condensed (TrueType)"="GILC____.TTF"
"Gill Sans Ultra Bold (TrueType)"="GILSANUB.TTF"
"Gill Sans Ultra Bold Condensed (TrueType)"="GILLUBCD.TTF"
"Gloucester MT Extra Condensed (TrueType)"="GLECB.TTF"
"Goudy Old Style (TrueType)"="GOUDOS.TTF"
"Goudy Stout (TrueType)"="GOUDYSTO.TTF"
"Haettenschweiler (TrueType)"="HATTEN.TTF"
"Harlow Solid Italic (TrueType)"="HARLOWSI.TTF"
"Harrington (TrueType)"="HARNGTON.TTF"
"High Tower Text (TrueType)"="HTOWERT.TTF"
"Imprint MT Shadow (TrueType)"="IMPRISHA.TTF"
"Jokerman (TrueType)"="JOKERMAN.TTF"
"Juice ITC (TrueType)"="JUICE___.TTF"
"Kristen ITC (TrueType)"="ITCKRIST.TTF"
"Kunstler Script (TrueType)"="KUNSTLER.TTF"
"Lucida Bright (TrueType)"="LBRITE.TTF"
"Lucida Calligraphy Italic (TrueType)"="LCALLIG.TTF"
"Lucida Fax Regular (TrueType)"="LFAX.TTF"
"Lucida Handwriting Italic (TrueType)"="LHANDW.TTF"
"Lucida Sans Regular (TrueType)"="LSANS.TTF"
"Lucida Sans Typewriter Regular (TrueType)"="LTYPE.TTF"
"MS Outlook (TrueType)"="OUTLOOK.TTF"
"Magneto Bold (TrueType)"="MAGNETOB.TTF"
"Maiandra GD (TrueType)"="MAIAN.TTF"
"Matura MT Script Capitals (TrueType)"="MATURASC.TTF"
"Mistral (TrueType)"="MISTRAL.TTF"
"Modern No. 20 (TrueType)"="MOD20.TTF"
"Monotype Corsiva (TrueType)"="MTCORSVA.TTF"
"Niagara Engraved (TrueType)"="NIAGENG.TTF"
"Niagara Solid (TrueType)"="NIAGSOL.TTF"
"OCR A Extended (TrueType)"="OCRAEXT.TTF"
"Old English Text MT (TrueType)"="OLDENGL.TTF"
"Onyx (TrueType)"="ONYX.TTF"
"Palace Script MT (TrueType)"="PALSCRI.TTF"
"Papyrus (TrueType)"="PAPYRUS.TTF"
"Parchment (TrueType)"="PARCHM.TTF"
"Perpetua (TrueType)"="PER_____.TTF"
"Perpetua Titling MT Bold (TrueType)"="PERTIBD.TTF"
"Playbill (TrueType)"="PLAYBILL.TTF"
"Poor Richard (TrueType)"="POORICH.TTF"
"Pristina (TrueType)"="PRISTINA.TTF"
"Rage Italic (TrueType)"="RAGE.TTF"
"Ravie (TrueType)"="RAVIE.TTF"
"Rockwell (TrueType)"="ROCK.TTF"
"Rockwell Condensed (TrueType)"="ROCC____.TTF"
"Rockwell Extra Bold (TrueType)"="ROCKEB.TTF"
"Informal Roman (TrueType)"="INFROMAN.TTF"
"Script MT Bold (TrueType)"="SCRIPTBL.TTF"
"Showcard Gothic (TrueType)"="SHOWG.TTF"
"Snap ITC (TrueType)"="SNAP____.TTF"
"Stencil (TrueType)"="STENCIL.TTF"
"Tw Cen MT Bold (TrueType)"="TCB_____.TTF"
"Tw Cen MT Condensed (TrueType)"="TCCM____.TTF"
"Tw Cen MT Condensed Bold (TrueType)"="TCCB____.TTF"
"Tw Cen MT (TrueType)"="TCM_____.TTF"
"Tempus Sans ITC (TrueType)"="TEMPSITC.TTF"
"Viner Hand ITC (TrueType)"="VINERITC.TTF"
"Vivaldi Italic (TrueType)"="VIVALDII.TTF"
"Vladimir Script (TrueType)"="VLADIMIR.TTF"
"Wide Latin (TrueType)"="LATINWD.TTF"
"Wingdings 2 (TrueType)"="WINGDNG2.TTF"
"Wingdings 3 (TrueType)"="WINGDNG3.TTF"
"Agency FB (TrueType)"="AGENCYR.TTF"
"Book Antiqua Bold (TrueType)"="ANTQUAB.TTF"
"Book Antiqua Bold Italic (TrueType)"="ANTQUABI.TTF"
"Book Antiqua Italic (TrueType)"="ANTQUAI.TTF"
"Arial Black Italic (TrueType)"="ARBLI___.TTF"
"Arial Narrow Bold (TrueType)"="ARIALNB.TTF"
"Arial Narrow Bold Italic (TrueType)"="ARIALNBI.TTF"
"Arial Narrow Italic (TrueType)"="ARIALNI.TTF"
"Bell MT Bold (TrueType)"="BELLB.TTF"
"Bell MT Italic (TrueType)"="BELLI.TTF"
"Bodoni MT Bold (TrueType)"="BOD_B.TTF"
"Bodoni MT Bold Italic (TrueType)"="BOD_BI.TTF"
"Bodoni MT Black Italic (TrueType)"="BOD_BLAI.TTF"
"Bodoni MT Condensed Bold (TrueType)"="BOD_CB.TTF"
"Bodoni MT Condensed Bold Italic (TrueType)"="BOD_CBI.TTF"
"Bodoni MT Condensed Italic (TrueType)"="BOD_CI.TTF"
"Bodoni MT Italic (TrueType)"="BOD_I.TTF"
"Bookman Old Style Bold (TrueType)"="BOOKOSB.TTF"
"Bookman Old Style Bold Italic (TrueType)"="BOOKOSBI.TTF"
"Bookman Old Style Italic (TrueType)"="BOOKOSI.TTF"
"Berlin Sans FB Demi Bold (TrueType)"="BRLNSDB.TTF"
"Berlin Sans FB (TrueType)"="BRLNSR.TTF"
"Californian FB Bold (TrueType)"="CALIFB.TTF"
"Californian FB Italic (TrueType)"="CALIFI.TTF"
"Calisto MT Bold (TrueType)"="CALISTB.TTF"
"Calisto MT Bold Italic (TrueType)"="CALISTBI.TTF"
"Calisto MT Italic (TrueType)"="CALISTI.TTF"
"Elephant Italic (TrueType)"="ELEPHNTI.TTF"
"Franklin Gothic Book Italic (TrueType)"="FRABKIT.TTF"
"Franklin Gothic Demi Italic (TrueType)"="FRADMIT.TTF"
"Franklin Gothic Heavy Italic (TrueType)"="FRAHVIT.TTF"
"Garamond Bold (TrueType)"="GARABD.TTF"
"Garamond Italic (TrueType)"="GARAIT.TTF"
"Gill Sans MT Bold Italic (TrueType)"="GILBI___.TTF"
"Gill Sans MT Bold (TrueType)"="GILB____.TTF"
"Gill Sans MT Italic (TrueType)"="GILI____.TTF"
"Century Gothic Bold (TrueType)"="GOTHICB.TTF"
"Century Gothic Bold Italic (TrueType)"="GOTHICBI.TTF"
"Century Gothic Italic (TrueType)"="GOTHICI.TTF"
"Goudy Old Style Bold (TrueType)"="GOUDOSB.TTF"
"Goudy Old Style Italic (TrueType)"="GOUDOSI.TTF"
"High Tower Text Italic (TrueType)"="HTOWERTI.TTF"
"Lucida Bright Demibold (TrueType)"="LBRITED.TTF"
"Lucida Bright Demibold Italic (TrueType)"="LBRITEDI.TTF"
"Lucida Bright Italic (TrueType)"="LBRITEI.TTF"
"Lucida Fax Demibold (TrueType)"="LFAXD.TTF"
"Lucida Fax Demibold Italic (TrueType)"="LFAXDI.TTF"
"Lucida Fax Italic (TrueType)"="LFAXI.TTF"
"Lucida Sans Demibold Roman (TrueType)"="LSANSD.TTF"
"Lucida Sans Demibold Italic (TrueType)"="LSANSDI.TTF"
"Lucida Sans Italic (TrueType)"="LSANSI.TTF"
"Lucida Sans Typewriter Bold (TrueType)"="LTYPEB.TTF"
"Lucida Sans Typewriter Bold Oblique (TrueType)"="LTYPEBO.TTF"
"Lucida Sans Typewriter Oblique (TrueType)"="LTYPEO.TTF"
"Perpetua Bold Italic (TrueType)"="PERBI___.TTF"
"Perpetua Bold (TrueType)"="PERB____.TTF"
"Perpetua Italic (TrueType)"="PERI____.TTF"
"Perpetua Titling MT Light (TrueType)"="PERTILI.TTF"
"Rockwell Condensed Bold (TrueType)"="ROCCB___.TTF"
"Rockwell Bold (TrueType)"="ROCKB.TTF"
"Rockwell Bold Italic (TrueType)"="ROCKBI.TTF"
"Rockwell Italic (TrueType)"="ROCKI.TTF"
"Century Schoolbook Bold (TrueType)"="SCHLBKB.TTF"
"Century Schoolbook Bold Italic (TrueType)"="SCHLBKBI.TTF"
"Century Schoolbook Italic (TrueType)"="SCHLBKI.TTF"
"Tw Cen MT Bold Italic (TrueType)"="TCBI____.TTF"
"Tw Cen MT Condensed Extra Bold (TrueType)"="TCCEB.TTF"
"Tw Cen MT Italic (TrueType)"="TCMI____.TTF"
"MapSymbols (TrueType)"="C:\\Program Files\\Common Files\\Microsoft Shared\\Datamap\\MAPSYM.TTF"
"Kartika (TrueType)"="Kartika.ttf"
"Vrinda (TrueType)"="Vrinda.ttf"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes]
"Arial CE,238"="Arial,238"
"Arial CYR,204"="Arial,204"
"Arial Greek,161"="Arial,161"
"Arial TUR,162"="Arial,162"
"Courier New CE,238"="Courier New,238"
"Courier New CYR,204"="Courier New,204"
"Courier New Greek,161"="Courier New,161"
"Courier New TUR,162"="Courier New,162"
"Helv"="MS Sans Serif"
"Helvetica"="Arial"
"MS Shell Dlg 2"="Tahoma"
"Times"="Times New Roman"
"Times New Roman CE,238"="Times New Roman,238"
"Times New Roman CYR,204"="Times New Roman,204"
"Times New Roman Greek,161"="Times New Roman,161"
"Times New Roman TUR,162"="Times New Roman,162"
"Tms Rmn"="MS Serif"
"Arial Baltic,186"="Arial,186"
"Courier New Baltic,186"="Courier New,186"
"Times New Roman Baltic,186"="Times New Roman,186"
"MS Shell Dlg"="Microsoft Sans Serif"

seven text...

**Bravura** · 2006-11-08, 02:47

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize]
"FIXEDFON.FON"="vgafix.fon"
"FONTS.FON"="vgasys.fon"
"OEMFONT.FON"="vgaoem.fon"
"DisableRemoteFontBootCache"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB873339]
"Installed"=dword:00000001
"Comments"="Windows XP Hotfix - KB873339"
"Backup Dir"=""
"Fix Description"="Windows XP Hotfix - KB873339"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB873339\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB885835]
"Installed"=dword:00000001
"Comments"="Windows XP Hotfix - KB885835"
"Backup Dir"=""
"Fix Description"="Windows XP Hotfix - KB885835"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB885835\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB885836]
"Installed"=dword:00000001
"Comments"="Windows XP Hotfix - KB885836"
"Backup Dir"=""
"Fix Description"="Windows XP Hotfix - KB885836"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB885836\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB885884]
"Installed"=dword:00000001
"Comments"="Windows XP Hotfix - KB885884"
"Backup Dir"=""
"Fix Description"="Windows XP Hotfix - KB885884"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB885884\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB886185]
"Installed"=dword:00000001
"Comments"="Windows XP Hotfix - KB886185"
"Backup Dir"=""
"Fix Description"="Windows XP Hotfix - KB886185"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB886185\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB888113]
"Installed"=dword:00000001
"Comments"="Windows XP Hotfix - KB888113"
"Backup Dir"=""
"Fix Description"="Windows XP Hotfix - KB888113"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB888113\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB888302]
"Installed"=dword:00000001
"Comments"="Windows XP Hotfix - KB888302"
"Backup Dir"=""
"Fix Description"="Windows XP Hotfix - KB888302"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB888302\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB890046]
"Installed"=dword:00000001
"Comments"="Security Update for Windows XP (KB890046)"
"Backup Dir"=""
"Fix Description"="Security Update for Windows XP (KB890046)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB890046\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB890859]
"Installed"=dword:00000001
"Comments"="Windows XP Hotfix - KB890859"
"Backup Dir"=""
"Fix Description"="Windows XP Hotfix - KB890859"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB890859\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB891122]
"Installed"=dword:00000001
"Comments"="Windows Media Format SDK Hotfix - KB891122"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB891781]
"Installed"=dword:00000001
"Comments"="Windows XP Hotfix - KB891781"
"Backup Dir"=""
"Fix Description"="Windows XP Hotfix - KB891781"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB891781\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB893756]
"Installed"=dword:00000001
"Comments"="Security Update for Windows XP (KB893756)"
"Backup Dir"=""
"Fix Description"="Security Update for Windows XP (KB893756)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB893756\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB893803v2]
"Installed"=dword:00000001
"Comments"="Windows Installer 3.1"
"Backup Dir"=""
"Fix Description"="Windows Installer 3.1"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB893803v2\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB894391]
"Installed"=dword:00000001
"Comments"="Update for Windows XP (KB894391)"
"Backup Dir"=""
"Fix Description"="Update for Windows XP (KB894391)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB894391\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB896344]
"Installed"=dword:00000001
"Comments"="Hotfix for Windows XP (KB896344)"
"Backup Dir"=""
"Fix Description"="Hotfix for Windows XP (KB896344)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB896344\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB896358]
"Installed"=dword:00000001
"Comments"="Security Update for Windows XP (KB896358)"
"Backup Dir"=""
"Fix Description"="Security Update for Windows XP (KB896358)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB896358\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB896423]
"Installed"=dword:00000001
"Comments"="Security Update for Windows XP (KB896423)"
"Backup Dir"=""
"Fix Description"="Security Update for Windows XP (KB896423)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB896423\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB896424]
"Installed"=dword:00000001
"Comments"="Security Update for Windows XP (KB896424)"
"Backup Dir"=""
"Fix Description"="Security Update for Windows XP (KB896424)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB896424\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB896428]
"Installed"=dword:00000001
"Comments"="Security Update for Windows XP (KB896428)"
"Backup Dir"=""
"Fix Description"="Security Update for Windows XP (KB896428)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB896428\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB898461]
"Installed"=dword:00000001
"Comments"="Update for Windows XP (KB898461)"
"Backup Dir"=""
"Fix Description"="Update for Windows XP (KB898461)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB898461\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB899587]
"Installed"=dword:00000001
"Comments"="Security Update for Windows XP (KB899587)"
"Backup Dir"=""
"Fix Description"="Security Update for Windows XP (KB899587)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB899587\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB899589]
"Installed"=dword:00000001
"Comments"="Security Update for Windows XP (KB899589)"
"Backup Dir"=""
"Fix Description"="Security Update for Windows XP (KB899589)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB899589\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB899591]
"Installed"=dword:00000001
"Comments"="Security Update for Windows XP (KB899591)"
"Backup Dir"=""
"Fix Description"="Security Update for Windows XP (KB899591)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB899591\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB900485]
"Installed"=dword:00000001
"Comments"="Update for Windows XP (KB900485)"
"Backup Dir"=""
"Fix Description"="Update for Windows XP (KB900485)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB900485\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB900725]
"Installed"=dword:00000001
"Comments"="Security Update for Windows XP (KB900725)"
"Backup Dir"=""
"Fix Description"="Security Update for Windows XP (KB900725)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB900725\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB901017]
"Installed"=dword:00000001
"Comments"="Security Update for Windows XP (KB901017)"
"Backup Dir"=""
"Fix Description"="Security Update for Windows XP (KB901017)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB901017\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB901190]
"Installed"=dword:00000001
"Comments"="Security Update for Windows XP (KB901190)"
"Backup Dir"=""
"Fix Description"="Security Update for Windows XP (KB901190)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB901190\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB901214]
"Installed"=dword:00000001
"Comments"="Security Update for Windows XP (KB901214)"
"Backup Dir"=""
"Fix Description"="Security Update for Windows XP (KB901214)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB901214\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB902344]
"Installed"=dword:00000001
"Comments"="Hotfix for Windows Media Format SDK (KB902344)"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB902400]
"Installed"=dword:00000001
"Comments"="Security Update for Windows XP (KB902400)"
"Backup Dir"=""
"Fix Description"="Security Update for Windows XP (KB902400)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB902400\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB904706]
"Installed"=dword:00000001
"Comments"="Security Update for Windows XP (KB904706)"
"Backup Dir"=""
"Fix Description"="Security Update for Windows XP (KB904706)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB904706\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB904942]
"Installed"=dword:00000001
"Comments"="Update for Windows XP (KB904942)"
"Backup Dir"=""
"Fix Description"="Update for Windows XP (KB904942)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB904942\File 1]
"Flags"=""
"New File"=""
"New Link Date"=""
"Old Link Date"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB905414]
"Installed"=dword:00000001
"Comments"="Security Update for Windows XP (KB905414)"
"Backup Dir"=""
"Fix Description"="Security Update for Windows XP (KB905414)"
"Installed By"=""
"Installed On"=""
"Service Pack"=dword:00000003
"Valid"=dword:00000001

seven text...

**Bravura** · 2006-11-08, 02:51

arg.. is it possible to just host this file?

**Rawe** · 2006-11-08, 21:05

Originally Posted by Bravura

arg.. is it possible to just host this file?

Actually Mosaic said it seems you did something wrong since this notify.txt shouldn't be so long. And it also seems it lists reg entries that it shouldn't. Try the command again and then see if any difference?

Looks like this would be the best way. Go to Start -> Run and copy/paste the following command straight into it and click OK:

cmd /c Regedit /e /a notify.txt "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" & Start notepad notify.txt

**Bravura** · 2006-11-10, 02:06

All right, there we go

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avldr]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
@=""
"DLLName"="igfxsrvc.dll"
"Asynchronous"=dword:00000001
"Impersonate"=dword:00000001
"Unlock"="WinlogonUnlockEvent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"Asynchronous"=dword:00000001
"DLLName"="WlNotify.dll"
"Impersonate"=dword:00000001
"Lock"="SensLockEvent"
"Logoff"="SensLogoffEvent"
"Logon"="SensLogonEvent"
"MaxWait"=dword:00000258
"Safe"=dword:00000001
"Shutdown"="SensShutdownEvent"
"StartScreenSaver"="SensStartScreenSaverEvent"
"StartShell"="SensStartShellEvent"
"Startup"="SensStartupEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Unlock"="SensUnlockEvent"
"Disconnect"="SensDisconnectEvent"
"PostShell"="SensPostShellEvent"
"Reconnect"="SensReconnectEvent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
"Logon"="WLEventLogon"
"Logoff"="WLEventLogoff"
"Startup"="WLEventStartup"
"Shutdown"="WLEventShutdown"
"StartScreenSaver"="WLEventStartScreenSaver"
"StopScreenSaver"="WLEventStopScreenSaver"
"Lock"="WLEventLock"
"Unlock"="WLEventUnlock"
"StartShell"="WLEventStartShell"
"PostShell"="WLEventPostShell"
"Disconnect"="WLEventDisconnect"
"Reconnect"="WLEventReconnect"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000000
"SafeMode"=dword:00000001
"MaxWait"=dword:ffffffff
"DllName"=hex(2):57,67,61,4c,6f,67,6f,6e,2e,64,6c,6c,00
"Event"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon\Settings]
"Data"=hex:01,00,00,00,d0,8c,9d,df,01,15,d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,\
00,00,92,48,46,5e,59,9b,18,46,a0,1a,98,f7,1e,34,35,4e,04,00,00,00,04,00,00,\
00,53,00,00,00,03,66,00,00,a8,00,00,00,10,00,00,00,ec,1e,94,b9,81,b9,4d,2f,\
c0,f8,2e,94,55,26,7c,f6,00,00,00,00,04,80,00,00,a0,00,00,00,10,00,00,00,68,\
d7,d1,55,0b,c0,03,a5,bb,ab,3e,fa,36,e3,f0,ec,b0,01,00,00,50,95,d7,e4,1e,41,\
e5,7a,a1,90,93,ac,69,33,ae,04,af,5d,b3,8b,94,f6,00,db,52,3d,49,76,99,f4,c3,\
41,fb,78,fe,db,6a,e3,b1,56,25,9f,10,dc,72,2b,ca,e0,b1,fb,99,e2,fb,30,a9,d5,\
ba,c6,40,06,37,c1,12,22,eb,13,66,60,fe,82,61,96,de,2a,8c,1a,8c,24,6c,6f,9a,\
75,4c,63,1e,80,9d,27,27,df,fd,17,e1,ce,e6,01,a8,75,e6,cb,c6,c8,ac,9b,c2,e2,\
41,07,79,8a,bd,52,7e,24,7d,7f,26,87,b3,eb,e8,bc,5a,fa,6b,1d,14,f4,5b,a7,d1,\
b1,80,82,a6,bb,a1,db,8a,97,89,38,c6,02,3c,fc,20,c9,5c,b9,b8,4e,a8,8e,14,a7,\
64,30,4f,0b,1c,1d,37,18,e8,8e,8b,a8,88,f3,89,c7,3a,2a,87,a6,38,2a,c3,3d,b4,\
59,fa,ba,b2,f2,22,57,60,02,42,c3,e3,a5,c9,b2,77,b5,de,3c,75,b3,75,44,f4,e6,\
b7,e7,5b,96,26,c3,b0,41,22,29,56,e6,77,75,8a,cb,7d,11,c7,58,9e,bf,f9,a3,6d,\
87,b9,67,bf,ef,81,3f,38,fa,ff,77,7b,6a,c1,89,7e,6e,98,e9,70,15,ed,fd,d4,fd,\
f8,7c,fb,6d,ee,59,14,cc,26,13,ed,3e,c7,5b,28,23,31,c3,5f,b4,fd,41,6f,a3,ec,\
9a,c9,f9,2a,9e,01,d9,53,ad,51,69,05,77,b6,35,36,f1,54,bb,07,68,24,ab,df,41,\
ac,cf,7c,e9,24,eb,18,d5,3e,89,65,fc,63,76,84,c8,c9,3c,fe,23,88,d6,85,8d,53,\
8b,2a,6f,68,f3,cb,a7,f8,05,b0,a7,de,3f,75,35,f0,f0,89,54,6b,ff,e1,fb,95,ba,\
29,b6,f8,7b,04,e6,3b,38,27,29,46,97,75,1e,bf,19,f1,03,95,18,8c,7d,f9,c1,ea,\
c8,d7,5e,4d,28,9a,54,49,99,9f,9e,d2,de,e4,d9,14,da,eb,97,ac,80,e0,d2,3a,3f,\
bc,99,9b,0e,99,a2,cf,17,bb,67,3d,4c,4c,a3,4c,d2,6d,2c,f8,5d,e6,8b,28,0b,df,\
64,14,00,00,00,84,17,0f,7d,35,99,e8,cf,d1,d7,e4,72,30,37,1f,a9,91,87,79,45

**Rawe** · 2006-11-10, 16:19

Ok and something else popped up, we can get some more info from this log

Please download the L2MFix by Shadowwar:

Save it to your desktop.
Double-click l2mfix.exe
Click the Install - button to extract the files.
Follow the prompts, then please open the newly added l2mfix folder on your desktop.
Double-click the l2mfix.bat and select option #1 for Run Find Log by typing 1 and then pressing enter. This will scan your computer and it may appear nothing is happening, then, after a minute or 2, notepad will open with a log.

Copy the contents of that log and paste it into your next reply.

IMPORTANT: Do NOT run option #2 OR any other files in the l2mfix folder until I ask you to!

Note; if you recieve any error messages for CMD or Autoexec.bat>> select option 5 from the l2mfix and once at the site, click on the link that apply to your operating system.

Double-click the file it downloads and extract the files to its predetermined System32 folder.

**tashi** · 2006-11-19, 03:29

Bravura, how is it going?

**Bravura** · 2006-11-19, 22:44

I apologize for the [extremely] slow reply. ><

L2MFIX find log 051206
These are the registry keys present
**********************************************************************************
Winlogon/notify:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avldr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
@=""
"DLLName"="igfxsrvc.dll"
"Asynchronous"=dword:00000001
"Impersonate"=dword:00000001
"Unlock"="WinlogonUnlockEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"Asynchronous"=dword:00000001
"DLLName"="WlNotify.dll"
"Impersonate"=dword:00000001
"Lock"="SensLockEvent"
"Logoff"="SensLogoffEvent"
"Logon"="SensLogonEvent"
"MaxWait"=dword:00000258
"Safe"=dword:00000001
"Shutdown"="SensShutdownEvent"
"StartScreenSaver"="SensStartScreenSaverEvent"
"StartShell"="SensStartShellEvent"
"Startup"="SensStartupEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Unlock"="SensUnlockEvent"
"Disconnect"="SensDisconnectEvent"
"PostShell"="SensPostShellEvent"
"Reconnect"="SensReconnectEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
"Logon"="WLEventLogon"
"Logoff"="WLEventLogoff"
"Startup"="WLEventStartup"
"Shutdown"="WLEventShutdown"
"StartScreenSaver"="WLEventStartScreenSaver"
"StopScreenSaver"="WLEventStopScreenSaver"
"Lock"="WLEventLock"
"Unlock"="WLEventUnlock"
"StartShell"="WLEventStartShell"
"PostShell"="WLEventPostShell"
"Disconnect"="WLEventDisconnect"
"Reconnect"="WLEventReconnect"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000000
"SafeMode"=dword:00000001
"MaxWait"=dword:ffffffff
"DllName"=hex(2):57,00,67,00,61,00,4c,00,6f,00,67,00,6f,00,6e,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Event"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon\Settings]
"Data"=hex:01,00,00,00,d0,8c,9d,df,01,15,d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,\
00,00,92,48,46,5e,59,9b,18,46,a0,1a,98,f7,1e,34,35,4e,04,00,00,00,04,00,00,\
00,53,00,00,00,03,66,00,00,a8,00,00,00,10,00,00,00,dc,a1,d5,91,9e,08,d0,e8,\
8c,3e,63,f2,ea,6b,61,fd,00,00,00,00,04,80,00,00,a0,00,00,00,10,00,00,00,69,\
80,ae,a1,9f,e8,35,8b,ed,7c,76,2d,fb,50,b4,34,b0,01,00,00,af,f6,b1,6e,d1,b7,\
48,66,2e,13,f9,4d,32,68,12,5b,44,55,35,75,b1,65,8c,8e,4c,44,85,59,ac,8a,7d,\
82,88,58,f5,31,8f,2c,da,f6,5e,8c,41,34,68,c0,3b,ec,97,d5,96,21,51,d4,a9,97,\
05,69,85,f7,62,67,77,fc,30,66,69,fe,86,74,a8,e9,83,2f,b8,45,59,c0,c9,7a,86,\
f8,d2,97,30,1f,98,75,07,f7,b0,ac,1d,2b,aa,00,ab,21,9a,41,cf,79,7c,6a,e3,fb,\
50,65,cb,0d,34,bf,c8,74,54,c0,ad,f3,11,a2,1f,46,db,04,69,d5,8a,3f,02,90,99,\
8b,21,5f,10,67,49,0e,3e,5b,a3,3f,7f,67,c3,c1,65,9f,55,63,e2,4f,c4,7d,32,48,\
3a,2e,19,64,94,e8,67,ce,39,21,54,fc,dd,d1,9a,9c,4b,ba,b1,bb,63,17,80,bd,70,\
14,0b,57,ea,b8,84,66,e6,3c,e6,f2,00,ad,54,fe,ee,7a,5e,0d,65,3c,41,29,f4,78,\
71,29,d6,87,42,07,f5,1d,63,a0,78,86,ff,70,04,d0,b5,d6,03,7b,95,e8,a9,4d,73,\
15,16,a5,e6,63,fb,db,e1,c2,93,dc,98,be,4d,7b,63,ab,ff,a7,9a,d1,2f,d0,2a,16,\
49,a5,5a,fe,64,29,f5,fa,18,0a,41,c7,0f,fe,b0,39,0a,1f,74,12,dd,5f,0c,c3,0a,\
d0,f2,59,64,09,2c,8f,57,b7,49,cb,6a,01,b1,68,7c,a2,d8,62,37,85,a6,c6,f7,61,\
4d,e4,57,88,86,28,84,e2,27,a0,19,eb,22,a0,5b,77,c2,46,52,d4,82,a2,68,12,1b,\
f8,1d,d7,22,b7,7e,8c,eb,9b,f1,f1,ea,84,54,c0,22,f7,89,12,9c,31,aa,83,ff,c6,\
9a,2f,12,11,00,d0,36,e8,11,a6,c2,e3,b1,06,0a,85,23,08,ec,6b,10,54,21,68,6f,\
ad,4d,95,41,5b,42,f2,1a,30,be,e2,82,a7,9e,8a,83,4a,5f,d2,0a,e6,19,90,2d,78,\
44,9d,1c,57,f5,42,12,07,58,97,89,a4,16,01,47,31,a2,11,b1,39,00,90,ce,6b,dd,\
d1,14,00,00,00,b4,0d,3c,94,e6,2f,f1,27,17,48,a1,d3,04,cb,c9,bb,a4,14,d6,dd

**********************************************************************************
useragent:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"{A66C62B7-45D9-3B61-1C25-1CC3E829DE88}"=""

**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00022613-0000-0000-C000-000000000046}"="Multimedia File Property Sheet"
"{176d6597-26d3-11d1-b350-080036a75b03}"="ICM Scanner Management"
"{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="NTFS Security Page"
"{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="OLE Docfile Property Page"
"{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Shell extensions for sharing"
"{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension"
"{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Display Adapter CPL Extension"
"{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Display Monitor CPL Extension"
"{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Display Panning CPL Extension"
"{4E40F770-369C-11d0-8922-00A024AB2DBB}"="DS Security Page"
"{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Compatibility Page"
"{56117100-C0CD-101B-81E2-00AA004AE837}"="Shell Scrap DataHandler"
"{59099400-57FF-11CE-BD94-0020AF85B590}"="Disk Copy Extension"
"{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Shell extensions for Microsoft Windows Network objects"
"{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="ICM Monitor Management"
"{675F097E-4C4D-11D0-B6C1-0800091AA605}"="ICM Printer Management"
"{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Shell extensions for file compression"
"{77597368-7b15-11d0-a0c2-080036af3f03}"="Web Printer Shell Extension"
"{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
"{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Encryption Context Menu"
"{85BBD920-42A0-1069-A2E4-08002B30309D}"="Briefcase"
"{88895560-9AA2-1069-930E-00AA0030EBC8}"="HyperTerminal Icon Ext"
"{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts"
"{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="ICC Profile"
"{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Printers Security Page"
"{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Shell extensions for sharing"
"{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
"{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Crypto PKO Extension"
"{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Crypto Sign Extension"
"{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Network Connections"
"{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Network Connections"
"{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="Scanners & Cameras"
"{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="Scanners & Cameras"
"{905667aa-acd6-11d2-8080-00805f6596d2}"="Scanners & Cameras"
"{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="Scanners & Cameras"
"{83bbcbf3-b28a-4919-a5aa-73027445d672}"="Scanners & Cameras"
"{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension"
"{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension"
"{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Shell extensions for Windows Script Host"
"{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Microsoft Data Link"
"{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
"{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Scheduled Tasks"
"{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Taskbar and Start Menu"
"{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Search"
"{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Help and Support"
"{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Help and Support"
"{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Run..."
"{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet"
"{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="E-mail"
"{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Fonts"
"{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Administrative Tools"
"{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler"
"{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler"
"{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler"
"{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler"
"{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler"
"{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor"
"{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Microsoft Internet Toolbar"
"{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="Download Status"
"{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Augmented Shell Folder"
"{6413BA2C-B461-11d1-A18A-080036B11A03}"="Augmented Shell Folder 2"
"{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
"{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Microsoft BrowserBand"
"{30D02401-6A81-11d0-8274-00C04FD5AE38}"="IE Search Band"
"{32683183-48a0-441b-a342-7c2a440a9478}"="Media Band"
"{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="In-pane search"
"{07798131-AF23-11d1-9111-00A0C98BA67D}"="Web Search"
"{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Registry Tree Options Utility"
"{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Address"
"{A08C11D2-A228-11d0-825B-00AA005B4383}"="Address EditBox"
"{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Microsoft AutoComplete"
"{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor"
"{6756A641-DE71-11d0-831B-00AA005B4383}"="MRU AutoComplete List"
"{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Custom MRU AutoCompleted List"
"{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible"
"{acf35015-526e-4230-9596-becbe19f0ac9}"="Track Popup Bar"
"{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Address Bar Parser"
"{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Microsoft History AutoComplete List"
"{03C036F1-A186-11D0-824A-00AA005B4383}"="Microsoft Shell Folder AutoComplete List"
"{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Microsoft Multiple AutoComplete List Container"
"{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Shell Band Site Menu"
"{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp"
"{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Shell DeskBar"
"{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"
"{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="User Assist"
"{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="Global Folder Settings"
"{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band"
"{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service"
"{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer"
"{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture"
"{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
"{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service"
"{FF393560-C2A7-11CF-BFF4-444553540000}"="History"
"{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook"
"{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="IE4 Suite Splash Screen"
"{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook"
"{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC"
"{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC"
"{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="The Internet"
"{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space"
"{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band"
"{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{88C6C381-2E85-11D0-94DE-444553540000}"="ActiveX Cache Folder"
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck"
"{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr"
"{F5175861-2688-11d0-9C5E-00AA00A45957}"="Subscription Folder"
"{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler"
"{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent"
"{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent"
"{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent"
"{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent"
"{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent"
"{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler"
"{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Shell Application Manager"
"{0B124F8F-91F0-11D1-B8B5-006008059382}"="Installed Apps Enumerator"
"{CFCCC7A0-A282-11D1-9082-006008059382}"="Darwin App Publisher"
"{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs"
"{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory"
"{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="GDI+ file thumbnail extractor"
"{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Summary Info Thumbnail handler (DOCFILES)"
"{EAB841A0-9550-11cf-8C16-00805F1408F3}"="HTML Thumbnail Extractor"
"{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler"
"{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Web Publishing Wizard"
"{add36aa8-751a-4579-a266-d66f5202ccbb}"="Print Ordering via the Web"
"{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Shell Publishing Wizard Object"
"{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Get a Passport Wizard"
"{7A9D77BD-5403-11d2-8785-2E0420524153}"="User Accounts"
"{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler"
"{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target"
"{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview"
"{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext"
"{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
"{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
"{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
"{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
"{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
"{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI"
"{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object"
"{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find"
"{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find"
"{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI"
"{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs"
"{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook"
"{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target"
"{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties"
"{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu"
"{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options"
"{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Offline Files Folder"
"{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
"{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell"
"{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%"
"{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler"
"{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer"
"{32714800-2E5F-11d0-8B85-00AA0044F941}"="For &People..."
"{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler"
"{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler"
"{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
"{5E44E225-A408-11CF-B581-008029601108}"="Adaptec DirectCD Shell Extension"
"{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Web Folders"
"{8e9d6600-f84a-11ce-8daa-00aa004a5691}"="Shell extensions for NetWare"
"{e3f2bac0-099f-11cf-8daa-00aa004a5691}"="Shell extensions for NetWare"
"{52c68510-09a0-11cf-8daa-00aa004a5691}"="Shell extensions for NetWare"
"{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults"
"{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Previous Versions Property Page"
"{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Previous Versions"
"{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"="Extensions Manager Folder"
"{21569614-B795-46b1-85F4-E737A8DC09AD}"="Shell Search Band"
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}"="Shell Extensions for RealOne Player"
"{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}"="iTunes"
"{2F5AC606-70CF-461C-BFE1-6063670C3484}"="Display CPL Extension"
"{6DA42C88-56FE-43FF-9F9D-7B47527E47D5}"=""
"{e82a2d71-5b2f-43a0-97b8-81be15854de8}"="ShellLink for Application References"
"{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75}"="Shell Icon Handler for Application References"
"{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}"="Messenger Sharing Folders"
"{07C45BB1-4A8C-4642-A1F5-237E7215FF66}"="IE Microsoft BrowserBand"
"{1C1EDB47-CE22-4bbb-B608-77B48F83C823}"="IE Fade Task"
"{205D7A97-F16D-4691-86EF-F3075DCCA57D}"="IE Menu Desk Bar"
"{3028902F-6374-48b2-8DC6-9725E775B926}"="IE AutoComplete"
"{43886CD5-6529-41c4-A707-7B3C92C05E68}"="IE Navigation Bar"
"{44C76ECD-F7FA-411c-9929-1B77BA77F524}"="IE Menu Site"
"{4B78D326-D922-44f9-AF2A-07805C2A3560}"="IE Menu Band"
"{6038EF75-ABFC-4e59-AB6F-12D397F6568D}"="IE Microsoft History AutoComplete List"
"{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE}"="IE Tracking Shell Menu"
"{6CF48EF8-44CD-45d2-8832-A16EA016311B}"="IE IShellFolderBand"
"{73CFD649-CD48-4fd8-A272-2070EA56526B}"="IE BandProxy"
"{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8}"="IE MRU AutoComplete List"
"{9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E}"="IE RSS Feeder Folder"
"{9D958C62-3954-4b44-8FAB-C4670C1DB4C2}"="IE Microsoft Shell Folder AutoComplete List"
"{B31C5FAE-961F-415b-BAF0-E697A5178B94}"="IE Microsoft Multiple AutoComplete List Container"
"{BC476F4C-D9D7-4100-8D4E-E043F6DEC409}"="Microsoft Browser Architecture"
"{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A}"="IE Shell Rebar BandSite"
"{E6EE9AAC-F76B-4947-8260-A9F136138E11}"="IE Shell Band Site Menu"
"{F2CF5485-4E02-4f68-819C-B92DE9277049}"="&Links"
"{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E}"="IE Registry Tree Options Utility"
"{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75}"="IE User Assist"
"{FDE7673D-2E19-4145-8376-BBD58C4BC7BA}"="IE Custom MRU AutoCompleted List"
"{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices"
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}"="Portable Media Devices Menu"

(Have to give this in 2 sections)

**Bravura** · 2006-11-19, 22:45

**********************************************************************************
HKEY ROOT CLASSIDS:
**********************************************************************************
Files Found are not all bad files:

C:\WINDOWS\SYSTEM32\
admparse.dll Fri Oct 27 2006 2:44:26a A.... 71,680 70.00 K
advpack.dll Fri Oct 27 2006 2:44:06a A.... 123,904 121.00 K
browseui.dll Sat Sep 23 2006 1:12:50p A.... 1,022,976 999.00 K
comctl32.dll Fri Aug 25 2006 10:45:58a A.... 617,472 603.00 K
corpol.dll Tue Oct 17 2006 1:03:56p A.... 17,408 17.00 K
divx.dll Mon Oct 2 2006 2:04:40p A.... 635,486 620.59 K
divx_x~1.dll Mon Oct 2 2006 2:04:42p A.... 806,912 788.00 K
divx_x~2.dll Mon Oct 2 2006 2:04:42p A.... 806,912 788.00 K
divx_x~3.dll Mon Oct 2 2006 2:04:42p A.... 790,528 772.00 K
dxtmsft.dll Tue Oct 17 2006 12:58:06p A.... 346,624 338.50 K
dxtrans.dll Tue Oct 17 2006 12:57:50p A.... 214,528 209.50 K
extmgr.dll Fri Oct 27 2006 3:09:58p A.... 131,584 128.50 K
fltlib.dll Mon Aug 21 2006 7:21:06a A.... 16,896 16.50 K
gearaspi.dll Tue Sep 19 2006 3:43:58p A.... 109,360 106.80 K
icardie.dll Tue Oct 17 2006 12:58:20p ..... 61,952 60.50 K
ieakeng.dll Fri Oct 27 2006 2:44:36a A.... 152,064 148.50 K
ieaksie.dll Fri Oct 27 2006 2:44:42a A.... 229,376 224.00 K
ieakui.dll Fri Oct 27 2006 2:42:54a A.... 161,792 158.00 K
ieapfltr.dll Tue Oct 17 2006 12:27:56p ..... 380,928 372.00 K
iedkcs32.dll Fri Oct 27 2006 2:44:46a A.... 382,976 374.00 K
ieencode.dll Tue Oct 17 2006 1:06:00p A.... 78,336 76.50 K
ieframe.dll Fri Oct 27 2006 3:09:58p ..... 6,049,280 5.77 M
iepeers.dll Fri Oct 27 2006 3:09:58p A.... 191,488 187.00 K
iernonce.dll Fri Oct 27 2006 2:44:08a A.... 43,008 42.00 K
iertutil.dll Tue Oct 17 2006 12:57:20p ..... 266,752 260.50 K
iesetup.dll Fri Oct 27 2006 2:44:26a A.... 55,296 54.00 K
ieui.dll Fri Oct 27 2006 3:09:58p ..... 180,736 176.50 K
imgutil.dll Tue Oct 17 2006 12:57:58p A.... 36,352 35.50 K
inseng.dll Fri Oct 27 2006 2:44:08a A.... 92,672 90.50 K
jscript.dll Tue Oct 17 2006 1:00:00p A.... 491,520 480.00 K
jsproxy.dll Fri Oct 27 2006 3:09:58p A.... 27,136 26.50 K
licmgr10.dll Tue Oct 17 2006 1:05:10p A.... 40,960 40.00 K
msfeeds.dll Fri Oct 27 2006 3:09:58p ..... 458,752 448.00 K
msfeed~1.dll Fri Oct 27 2006 3:09:58p ..... 50,688 49.50 K
mshtml.dll Fri Oct 27 2006 3:09:58p A.... 3,577,856 3.41 M
mshtmled.dll Fri Oct 27 2006 3:09:58p A.... 475,648 464.50 K
mshtmler.dll Tue Oct 17 2006 12:28:56p A.... 48,128 47.00 K
msls31.dll Fri Oct 27 2006 3:09:58p A.... 156,160 152.50 K
msrating.dll Tue Oct 17 2006 1:05:10p A.... 192,000 187.50 K
mstime.dll Fri Oct 27 2006 3:09:58p A.... 670,720 655.00 K
msxml3.dll Wed Sep 13 2006 12:01:56a A.... 1,084,416 1.03 M
nwapi32.dll Fri Oct 13 2006 7:35:12a A.... 64,000 62.50 K
nwprovau.dll Fri Oct 13 2006 7:35:12a A.... 142,336 139.00 K
nwwks.dll Fri Oct 13 2006 7:35:12a A.... 65,536 64.00 K
occache.dll Tue Oct 17 2006 1:04:46p A.... 101,376 99.00 K
p2p.dll Wed Oct 11 2006 11:36:00a A.... 153,088 149.50 K
p2pgasvc.dll Wed Oct 11 2006 11:36:00a A.... 104,960 102.50 K
p2pgraph.dll Wed Oct 11 2006 11:36:00a A.... 313,344 306.00 K
p2pnetsh.dll Wed Oct 11 2006 11:36:00a A.... 115,712 113.00 K
p2psvc.dll Wed Oct 11 2006 11:36:00a A.... 553,984 541.00 K
pncrt.dll Sun Nov 5 2006 5:02:10p A.... 278,528 272.00 K
pndx5016.dll Sun Nov 5 2006 5:02:22p A.... 6,656 6.50 K
pndx5032.dll Sun Nov 5 2006 5:02:22p A.... 5,632 5.50 K
pngfilt.dll Tue Oct 17 2006 12:58:08p A.... 44,544 43.50 K
pnrpnsp.dll Wed Oct 11 2006 11:36:00a A.... 58,880 57.50 K
rmoc3260.dll Sun Nov 5 2006 5:02:42p A.... 185,952 181.59 K
shdocvw.dll Mon Sep 4 2006 1:12:56a A.... 1,497,088 1.43 M
shlwapi.dll Sat Sep 23 2006 1:12:50p A.... 474,112 463.00 K
url.dll Tue Oct 17 2006 1:05:22p A.... 105,984 103.50 K
urlmon.dll Fri Oct 27 2006 3:09:58p A.... 1,162,240 1.11 M
vbscript.dll Fri Oct 27 2006 3:09:58p A.... 413,696 404.00 K
webcheck.dll Fri Oct 27 2006 3:09:58p A.... 231,424 226.00 K
wgalogon.dll Wed Sep 20 2006 5:35:46p ..... 441,136 430.80 K
wininet.dll Fri Oct 27 2006 3:09:58p A.... 818,688 799.50 K
xpsp3res.dll Mon Oct 16 2006 5:29:16a A.... 248,320 242.50 K

65 items found: 65 files, 0 directories.
Total of file sizes: 28,936,478 bytes 27.59 M
Locate .tmp files:

C:\WINDOWS\SYSTEM32\
ren1b.tmp Tue Oct 17 2006 7:48:10p A.... 0 0.00 K
ren1c.tmp Tue Oct 17 2006 7:48:10p A.... 0 0.00 K
ren1d.tmp Tue Oct 17 2006 7:48:10p A.... 0 0.00 K

3 items found: 3 files, 0 directories.
Total of file sizes: 0 bytes 0.00 K
**********************************************************************************
Directory Listing of system files:
Volume in drive C has no label.
Volume Serial Number is 4C44-A0C5

Directory of C:\WINDOWS\System32

19/11/2006 04:33 PM <DIR> dllcache
07/08/2006 04:17 PM <DIR> Microsoft
0 File(s) 0 bytes
2 Dir(s) 53,388,374,016 bytes free

seven text...

**LonnyRJones** · 2006-12-06, 12:11

Sorry for the delay Bravura
Open the l2mfix\regfixes folder and doubleclick winlogondefaults.reg answer yes to the prompt
Now run l2mfix.bat agan choose option 1 and post its log, i only need to see this section "Winlogon/notify:"

Run avg antirootkit again and if any items are found save the log and post it.

Thread: Just checking...

Thread Tools

Display

Posting Permissions