Download What s up App & Maxthon PC CYBER & ATHEROS Wireless drivers for Windows

View previous topic View next topic Go down

Download What s up App & Maxthon PC CYBER & ATHEROS Wireless drivers for Windows

Post  Admin on Mon Nov 26, 2012 3:15 pm


PC Cyber http://mypc.my-goo.com/

NVIDIA BUS

http://www.radarsync.com/software/s131526-nvidia_network_bus_enumerator


FIREWALL AND INTERNET SECURITY SOFTWARE  - UNINSTALL  --   Removal Tool
https://sonos.custhelp.com/app/answers/detail/a_id/692

NVIDIA Geforce 7150M     FDCO1.dll     nvconm.dll   ( system 32 )
http://www.nvidia.com/content/drivers

Mail.Ru Агент  Russia Agent , ( new skype  )  best as skype  
http://agent.mail.ru/

Top 14 Free Antivirus Softwares – Which one is the best?
http://www.ekoob.com/top-free-antivirus-softwares-877/

http://mwav-toolkit-utility.download-251-39959.programsbase.com/

HP Pavilion dv9823em Entertainment Notebook PC Support search results
http://h10025.www1.hp.com/ewfrf/wc/searchResults?tmp_product=HP+Pavilion+dv9823em+Entertainment+Notebook+PC&product=3753800&tmp_qt=boot+cd+&cc=us&dlc=en&lc=en


ATHEROS Wireless drivers for Windows

http://www.atheros.cz/atheros-wireless-drivers.php

Network Adapter Driver for Windows Vista*, Final Release

https://downloadcenter.intel.com/Detail_Desc.aspx?DwnldID=18718


Maxthon

http://forum.maxthon.com/redirect.php?tid=84653&goto=newpost#newpost

OLD SKYPE  

https://www.dropbox.com/sh/qxcenkg6tzy7u0x/jD4sjYr0Ek




Providing the best browsing experience!Free Download at: www.maxthon.com


shortcut key "F10"


 
Ctrl +B   Show Favorites Bar  

Ctrl + Shift + B    Show Favorites Manager  

Ctrl + D  Add to Favorites

Ctrl + H    History



that is my



3/ i need deleted  Xunlei.Any.Player  ( i not found him in ## Extensions ## list )

i need more time maybe after 2 months will be better  ))




Download WhatsApp
http://www.whatsapp.com/download/

Chat
http://www.wechatapp.com/cgi-bin/readtemplate?uin=&stype=&promote=&fr=&ADTAG=&&check=false&t=wechat&lang=en&setlanguage=1

Easy to use VoIP softphone with profile
http://phonerlite.de/download_en.htm
http://www.efonica.com/

http://sourceforge.net/projects/pidgin/?source=dlp

https://www.torproject.org/download/download-easy.html.en

https://mobile.twitter.com





+++++++++++++++++++++++
Sunbelt Software  

- delete   adresář Personal Firewall v adresáři C:\Program Files\Sunbelt Software
- delete   HKEY_LOCAL_MACHINE\SOFTWARE\Sunbelt Software\Personal Firewall
-  delete   fwdrv.sys a fwdrv.vxd  
-  delete  : HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET001\SERVICES\FWDRV  

have you this file  unistall file  ??  SKPFClean 4.3 or  SPFClean 4.6



If you have had problem with Sunbelt firewall 4.6  and you can not instal new same firewall  you must delete maulay this registry  ,

than try instal same software  , but mostly PC saying ERROR is instaled   , than you must move more registry , easy way is reistal and unistal ,

1 Key:HKEY_USERS\.DEFAULT\Software\Sunbelt Software\Personal Firewall\Admin\Language|__ Value Added : adminlanguage = "en"
2 Key:HKEY_USERS\.DEFAULT\Software\Sunbelt Software\Personal Firewall\Admin\Language|__ Value Added : translationversion = "4.3.0"
3 Key:HKEY_LOCAL_MACHINE\HARDWARE\RESOURCEMAP\PnP Manager\PnpManager|__ Value Added : \device\0000003e.translated = "01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 01 01 10 00 79 0a 00 00 00 00 00 00 01 00 00 00 01 01 10 00 79 02 00 00 00 00 00 00 01 00 00 00 01 01 10 00 74 02 00 00 00 00 00 00 04 00 00 00"
4 Key:HKEY_LOCAL_MACHINE\HARDWARE\RESOURCEMAP\PnP Manager\PnpManager|__ Value Added : \device\00000045.translated = "01 00 00 00 0f 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 01 01 11 00 60 00 00 00 00 00 00 00 01 00 00 00 01 01 11 00 64 00 00 00 00 00 00 00 01 00 00 00 02 01 01 00 08 00 00 00 93 01 00 00 01 00 00 00"
5 Key:HKEY_USERS\S-1-5-18\Software\Sunbelt Software\Personal Firewall\Admin\Language|__ Value Added : adminlanguage = "en"
6 Key:HKEY_USERS\S-1-5-18\Software\Sunbelt Software\Personal Firewall\Admin\Language|__ Value Added : translationversion = "4.3.0"
7 Key:HKEY_CURRENT_USER\Software\Microsoft\Windows Script\Settings|__ Value Added : jitdebug = "0"
8 Key:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012008091020080911|__ Value Added : cachelimit = "8192"
9 Key:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012008091020080911|__ Value Added : cacheoptions = "11"
10 Key:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012008091020080911|__ Value Added : cachepath = "%userprofile%\local settings\history\history.ie5\mshist012008091020080911\"
11 Key:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012008091020080911|__ Value Added : cacheprefix = ":2008091020080911:"
12 Key:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012008091020080911|__ Value Added : cacherepair = "0"
13 Key:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls|__ Value Added : %programfiles%\sunbelt software\personal firewall\kticonv.dll = "1"
14 Key:HKEY_LOCAL_MACHINE\SOFTWARE\Sunbelt Software|__ Value Added : installroot = "%programfiles%\sunbelt software\personal firewall\"
15 Key:HKEY_LOCAL_MACHINE\SOFTWARE\Sunbelt Software\Personal Firewall|__ Value Added : defaultnetworkpolicy = "1"
16 Key:HKEY_LOCAL_MACHINE\SOFTWARE\Sunbelt Software\Personal Firewall|__ Value Added : extendpath = "%programfiles%\sunbelt software\personal firewall\"
17 Key:HKEY_LOCAL_MACHINE\SOFTWARE\Sunbelt Software\Personal Firewall|__ Value Added : installpath = "%programfiles%\sunbelt software\personal firewall\"
18 Key:HKEY_LOCAL_MACHINE\SOFTWARE\Sunbelt Software\Personal Firewall|__ Value Added : currentversion = "4.6.1861.0"
19 Key:HKEY_LOCAL_MACHINE\SOFTWARE\Sunbelt Software\Personal Firewall|__ Value Added : running = "1"
20 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin|__ Value Added : advancedruleenabled = "0"
21 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin|__ Value Added : defaulttrayitem = "1"
22 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin|__ Value Added : showdetails = "0"
23 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\Language|__ Value Added : adminlanguage = "en"
24 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\Language|__ Value Added : translationversion = "4.3.0"
25 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\List|__ Value Added : expandconnections = "0"
26 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\List|__ Value Added : hideconnectionflag = "1"
27 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\List|__ Value Added : showicon = "1"
28 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\List\Column\ConnList|__ Value Added : columndata = "0,180,1,180,2,80,3,75,4,75,5,80,6,80"
29 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\List\Column\ConnList|__ Value Added : columns = "7"
30 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\List\Column\HipsLogList|__ Value Added : columndata = "0,40,1,40,2,130,3,60,4,60,5,200"
31 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\List\Column\HipsLogList|__ Value Added : columns = "6"
32 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\List\Column\IdsLogList|__ Value Added : columndata = "0,40,1,40,2,130,3,200,4,60,5,100,6,160,7,60,8,60"
33 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\List\Column\IdsLogList|__ Value Added : columns = "9"
34 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\List\Column\NetLogList|__ Value Added : columndata = "0,40,1,40,2,130,3,200,4,200,5,60,6,80,7,80,8,60,9,60"
35 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\List\Column\NetLogList|__ Value Added : columns = "10"
36 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\List\Column\NetSecAppsList|__ Value Added : columndata = "0,161,1,70,2,70,3,70,4,70,5,50,6,50"
37 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\List\Column\NetSecAppsList|__ Value Added : columns = "7"
38 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\List\Column\NetSecPredefined|__ Value Added : columns = "7"
39 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\List\Column\NetSecZones|__ Value Added : columndata = "0,50,1,150,2,180,3,200"
40 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\List\Column\NetSecZones|__ Value Added : columns = "4"
41 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\List\Column\PrivacySites|__ Value Added : columndata = "0,150,1,80,2,80,3,80,4,80,5,80,6,80,7,80,8,80,9,80"
42 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\List\Column\PrivacySites|__ Value Added : columns = "10"
43 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\List\Column\SysLogList|__ Value Added : columndata = "0,40,1,40,2,130,3,90,4,200,5,200,6,60"
44 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\List\Column\SysLogList|__ Value Added : columns = "7"
45 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\List\Column\WebLogList|__ Value Added : columndata = "0,40,1,40,2,130,3,50,4,200,5,60,6,250,7,100"
46 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\List\Column\WebLogList|__ Value Added : columns = "8"
47 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\MRUItem|__ Value Added : lastpage = "0"
48 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\MRUItem|__ Value Added : lastsection = "0"
49 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\MRUItem|__ Value Added : lasttab = "0"
50 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\Resolving|__ Value Added : resolvedns = "1"
51 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\Resolving|__ Value Added : resolvepath = "1"
52 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\Resolving|__ Value Added : resolveports = "1"
53 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\Resolving|__ Value Added : resolveprotocols = "1"
54 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\Window\Pos\AdminDlg|__ Value Added : posflags = "64"
55 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\Window\Pos\AdminDlg|__ Value Added : showflags = "5"
56 Key:HKEY_CURRENT_USER\Software\Sunbelt Software\Personal Firewall\Admin\Window\Pos\AdminDlg|__ Value Added : left = "238"
57 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#SB_SBFWIMCLMP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}|__ Value Added : deviceinstance = "root\sb_sbfwimclmp\0000"
58 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#SB_SBFWIMCLMP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\#{8AC95EFF-CAB4-4237-949D-12A509C234CD}|__ Value Added : symboliclink = "\?\root#sb_sbfwimclmp#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\{8ac95eff-cab4-4237-949d-12a509c234cd}"
59 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#SB_SBFWIMCLMP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\#{8AC95EFF-CAB4-4237-949D-12A509C234CD}\Control|__ Value Added : linked = "1"
60 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#SB_SBFWIMCLMP#0000#{ad498944-762f-11d0-8dcb-00c04fc3358c}\Control|__ Value Added : referencecount = "1"
61 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#SB_SBFWIMCLMP#0001#{ad498944-762f-11d0-8dcb-00c04fc3358c}|__ Value Added : deviceinstance = "root\sb_sbfwimclmp\0001"
62 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#SB_SBFWIMCLMP#0001#{ad498944-762f-11d0-8dcb-00c04fc3358c}\#{BBF029A7-80C1-4711-A366-E68A76E99DD2}|__ Value Added : symboliclink = "\?\root#sb_sbfwimclmp#0001#{ad498944-762f-11d0-8dcb-00c04fc3358c}\{bbf029a7-80c1-4711-a366-e68a76e99dd2}"
63 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#SB_SBFWIMCLMP#0001#{ad498944-762f-11d0-8dcb-00c04fc3358c}\#{BBF029A7-80C1-4711-A366-E68A76E99DD2}\Control|__ Value Added : linked = "1"
64 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceClasses\{ad498944-762f-11d0-8dcb-00c04fc3358c}\##?#ROOT#SB_SBFWIMCLMP#0001#{ad498944-762f-11d0-8dcb-00c04fc3358c}\Control|__ Value Added : referencecount = "1"
65 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions|__ Value Added : sunbelt software firewall ndis im filter miniport = "31 00 32 00 00"
66 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}\{8C3C9EDC-7957-4C7A-A959-BC563E9EFF6A}|__ Value Added : characteristics = "17424"
67 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}\{8C3C9EDC-7957-4C7A-A959-BC563E9EFF6A}|__ Value Added : componentid = "sb_sbfwimcl"
68 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}\{8C3C9EDC-7957-4C7A-A959-BC563E9EFF6A}|__ Value Added : description = "sunbelt software firewall ndis im filter"
69 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}\{8C3C9EDC-7957-4C7A-A959-BC563E9EFF6A}|__ Value Added : infpath = "oem5.inf"
70 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}\{8C3C9EDC-7957-4C7A-A959-BC563E9EFF6A}|__ Value Added : infsection = "sbfwimcl.ndi"
71 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}\{8C3C9EDC-7957-4C7A-A959-BC563E9EFF6A}\Ndi|__ Value Added : filterclass = "failover"
72 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}\{8C3C9EDC-7957-4C7A-A959-BC563E9EFF6A}\Ndi|__ Value Added : filterdeviceinffile = "sbfwim_m.inf"
73 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}\{8C3C9EDC-7957-4C7A-A959-BC563E9EFF6A}\Ndi|__ Value Added : filterdeviceinfid = "sb_sbfwimclmp"
74 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}\{8C3C9EDC-7957-4C7A-A959-BC563E9EFF6A}\Ndi|__ Value Added : helptext = "sunbelt software firewall ndis im filter"
75 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}\{8C3C9EDC-7957-4C7A-A959-BC563E9EFF6A}\Ndi|__ Value Added : service = "sbfwimcl"
76 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}\{8C3C9EDC-7957-4C7A-A959-BC563E9EFF6A}\Parameters|__ Value Added : param1 = "4"
77 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBFW|__ Value Added : nextinstance = "1"
78 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBFW\0000|__ Value Added : class = "legacydriver"
79 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBFW\0000|__ Value Added : classguid = "{8ecc055d-047f-11d1-a537-0000f8753ed1}"
80 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBFW\0000|__ Value Added : configflags = "0"
81 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBFW\0000|__ Value Added : devicedesc = "sbfw"
82 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBFW\0000|__ Value Added : legacy = "1"
83 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBFW\0000|__ Value Added : service = "sbfw"
84 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBFW\0000\Control|__ Value Added : *newlycreated* = "0"
85 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBFW\0000\Control|__ Value Added : activeservice = "sbfw"
86 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBHIPS|__ Value Added : nextinstance = "1"
87 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBHIPS\0000|__ Value Added : class = "legacydriver"
88 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBHIPS\0000|__ Value Added : classguid = "{8ecc055d-047f-11d1-a537-0000f8753ed1}"
89 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBHIPS\0000|__ Value Added : configflags = "0"
90 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBHIPS\0000|__ Value Added : devicedesc = "sunbelt hips driver"
91 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBHIPS\0000|__ Value Added : legacy = "1"
92 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBHIPS\0000|__ Value Added : service = "sbhips"
93 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBHIPS\0000\Control|__ Value Added : *newlycreated* = "0"
94 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBHIPS\0000\Control|__ Value Added : activeservice = "sbhips"
95 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBPF.LAUNCHER|__ Value Added : nextinstance = "1"
96 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBPF.LAUNCHER\0000|__ Value Added : class = "legacydriver"
97 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBPF.LAUNCHER\0000|__ Value Added : classguid = "{8ecc055d-047f-11d1-a537-0000f8753ed1}"
98 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBPF.LAUNCHER\0000|__ Value Added : configflags = "0"
99 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBPF.LAUNCHER\0000|__ Value Added : devicedesc = "sbpf.launcher"
100 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBPF.LAUNCHER\0000|__ Value Added : legacy = "1"
101 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBPF.LAUNCHER\0000|__ Value Added : service = "sbpf.launcher"
102 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBPF.LAUNCHER\0000\Control|__ Value Added : *newlycreated* = "0"
103 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBPF.LAUNCHER\0000\Control|__ Value Added : activeservice = "sbpf.launcher"
104 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPF4|__ Value Added : nextinstance = "1"
105 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPF4\0000|__ Value Added : class = "legacydriver"
106 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPF4\0000|__ Value Added : classguid = "{8ecc055d-047f-11d1-a537-0000f8753ed1}"
107 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPF4\0000|__ Value Added : configflags = "0"
108 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPF4\0000|__ Value Added : devicedesc = "sunbelt personal firewall 4"
109 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPF4\0000|__ Value Added : legacy = "1"
110 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPF4\0000|__ Value Added : service = "spf4"
111 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPF4\0000\Control|__ Value Added : *newlycreated* = "0"
112 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SPF4\0000\Control|__ Value Added : activeservice = "spf4"
113 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\SB_SBFWIMCLMP\0000|__ Value Added : capabilities = "0"
114 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\SB_SBFWIMCLMP\0000|__ Value Added : class = "net"
115 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\SB_SBFWIMCLMP\0000|__ Value Added : classguid = "{4d36e972-e325-11ce-bfc1-08002be10318}"
116 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\SB_SBFWIMCLMP\0000|__ Value Added : configflags = "0"
117 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\SB_SBFWIMCLMP\0000|__ Value Added : devicedesc = "sunbelt software firewall ndis im filter miniport"
118 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\SB_SBFWIMCLMP\0000|__ Value Added : driver = "{4d36e972-e325-11ce-bfc1-08002be10318}\0010"
119 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\SB_SBFWIMCLMP\0000|__ Value Added : friendlyname = "wan miniport (ip) - sunbelt software firewall ndis im filter miniport"
120 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\SB_SBFWIMCLMP\0000|__ Value Added : hardwareid = "73 62 5f 53 42 46 57 49 4d 63 6c 6d 70 00 00"
121 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\SB_SBFWIMCLMP\0000|__ Value Added : mfg = "sunbelt software, inc."
122 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\SB_SBFWIMCLMP\0000|__ Value Added : service = "sbfwimcl"
123 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\SB_SBFWIMCLMP\0000\Control|__ Value Added : activeservice = "sbfwimcl"
124 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\SB_SBFWIMCLMP\0000\Device Parameters|__ Value Added : instanceindex = "1"
125 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\SB_SBFWIMCLMP\0001|__ Value Added : capabilities = "0"
126 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\SB_SBFWIMCLMP\0001|__ Value Added : class = "net"
127 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\SB_SBFWIMCLMP\0001|__ Value Added : classguid = "{4d36e972-e325-11ce-bfc1-08002be10318}"
128 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\SB_SBFWIMCLMP\0001|__ Value Added : configflags = "0"
129 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\SB_SBFWIMCLMP\0001|__ Value Added : devicedesc = "sunbelt software firewall ndis im filter miniport"
130 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\SB_SBFWIMCLMP\0001|__ Value Added : driver = "{4d36e972-e325-11ce-bfc1-08002be10318}\0011"
131 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\SB_SBFWIMCLMP\0001|__ Value Added : friendlyname = "vmware accelerated amd pcnet adapter - sunbelt software firewall ndis im filter miniport"
132 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\SB_SBFWIMCLMP\0001|__ Value Added : hardwareid = "73 62 5f 53 42 46 57 49 4d 63 6c 6d 70 00 00"
133 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\SB_SBFWIMCLMP\0001|__ Value Added : mfg = "sunbelt software, inc."
134 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\SB_SBFWIMCLMP\0001|__ Value Added : service = "sbfwimcl"
135 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\SB_SBFWIMCLMP\0001\Control|__ Value Added : activeservice = "sbfwimcl"
136 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\SB_SBFWIMCLMP\0001\Device Parameters|__ Value Added : instanceindex = "2"
137 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw|__ Value Added : adapternotificationdisabled = "0"
138 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw|__ Value Added : alwayssecure = "1"
139 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw|__ Value Added : blockipv6 = "0"
140 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw|__ Value Added : bufcachesize = "96"
141 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw|__ Value Added : datagramroutingextent = "1228308380"
142 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw|__ Value Added : debuglog = "0"
143 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw|__ Value Added : debuglogfile = "\systemroot\system32\drivers\sbfw.dbg"
144 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw|__ Value Added : debuglogflags = "0"
145 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw|__ Value Added : displayname = "sbfw"
146 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw|__ Value Added : errlog = "1"
147 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw|__ Value Added : errlogfile = "\systemroot\system32\drivers\sbfw.err"
148 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw|__ Value Added : errorcontrol = "1"
149 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw|__ Value Added : errpopup = "0"
150 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw|__ Value Added : fssecenabled = "0"
151 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw|__ Value Added : group = "file system"
152 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw|__ Value Added : imagepath = "system32\drivers\sbfw.sys"
153 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw|__ Value Added : maxbuffersallocated = "768"
154 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw|__ Value Added : maxbuffersize = "16384"
155 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw|__ Value Added : regsecenabled = "0"
156 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw|__ Value Added : start = "1"
157 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw|__ Value Added : statinspenabled = "1"
158 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw|__ Value Added : streamsupportenabled = "1"
159 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw|__ Value Added : tag = "1"
160 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw|__ Value Added : tcpconnectiontimeout = "0"
161 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw|__ Value Added : type = "1"
162 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw\Enum|__ Value Added : 0 = "root\legacy_sbfw\0000"
163 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw\Enum|__ Value Added : count = "1"
164 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw\Enum|__ Value Added : nextinstance = "1"
165 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbFw\Security|__ Value Added : security = "01 00 14 80 90 00 00 00 9c 00 00 00 14 00 00 00 30 00 00 00 02 00 1c 00 01 00 00 00 02 80 14 00 ff 01 0f 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 fd 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 ff 01 0f 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8d 01 02 00 01 01 00 00 00 00 00 05 0b 00 00 00 00 00 18 00 fd 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00"
166 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SBFWIMCL|__ Value Added : adapternotificationdisabled = "0"
167 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SBFWIMCL|__ Value Added : alwayssecure = "2"
168 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SBFWIMCL|__ Value Added : blockipv6 = "0"
169 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SBFWIMCL|__ Value Added : displayname = "sunbelt software firewall ndis im filter miniport"
170 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SBFWIMCL|__ Value Added : errorcontrol = "1"
171 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SBFWIMCL|__ Value Added : group = "pnp_tdi"
172 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SBFWIMCL|__ Value Added : imagepath = "system32\drivers\sbfwim.sys"
173 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SBFWIMCL|__ Value Added : start = "3"
174 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SBFWIMCL|__ Value Added : statinspenabled = "1"
175 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SBFWIMCL|__ Value Added : tag = "8"
176 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SBFWIMCL|__ Value Added : type = "1"
177 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SBFWIMCL\Enum|__ Value Added : 0 = "root\sb_sbfwimclmp\0000"
178 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SBFWIMCL\Enum|__ Value Added : 1 = "root\sb_sbfwimclmp\0001"
179 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SBFWIMCL\Enum|__ Value Added : count = "2"
180 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SBFWIMCL\Enum|__ Value Added : nextinstance = "2"
181 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SBFWIMCL\Parameters\Adapters\{8A4888C5-F61F-4B82-9A1B-8E6FA198E511}|__ Value Added : upperbindings = "\device\{bbf029a7-80c1-4711-a366-e68a76e99dd2}"
182 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SBFWIMCL\Parameters\Adapters\NdisWanIp|__ Value Added : upperbindings = "\device\{8ac95eff-cab4-4237-949d-12a509c234cd}"
183 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SBFWIMCL\Security|__ Value Added : security = "01 00 14 80 90 00 00 00 9c 00 00 00 14 00 00 00 30 00 00 00 02 00 1c 00 01 00 00 00 02 80 14 00 ff 01 0f 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 fd 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 ff 01 0f 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8d 01 02 00 01 01 00 00 00 00 00 05 0b 00 00 00 00 00 18 00 fd 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00"
184 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sbhips|__ Value Added : displayname = "sunbelt hips driver"
185 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sbhips|__ Value Added : errorcontrol = "1"
186 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sbhips|__ Value Added : imagepath = "\systemroot\system32\drivers\sbhips.sys"
187 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sbhips|__ Value Added : start = "1"
188 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sbhips|__ Value Added : tracefile = "%programfiles%\sunbelt software\personal firewall\logs\sbhips.log"
189 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sbhips|__ Value Added : tracelevel = "0"
190 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sbhips|__ Value Added : type = "1"
191 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sbhips\Enum|__ Value Added : 0 = "root\legacy_sbhips\0000"
192 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sbhips\Enum|__ Value Added : count = "1"
193 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sbhips\Enum|__ Value Added : nextinstance = "1"
194 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbPF.Launcher|__ Value Added : displayname = "sbpf.launcher"
195 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbPF.Launcher|__ Value Added : errorcontrol = "1"
196 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbPF.Launcher|__ Value Added : imagepath = ""%programfiles%\sunbelt software\personal firewall\sbpflnch.exe""
197 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbPF.Launcher|__ Value Added : objectname = "localsystem"
198 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbPF.Launcher|__ Value Added : start = "2"
199 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbPF.Launcher|__ Value Added : type = "16"
200 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbPF.Launcher\Enum|__ Value Added : 0 = "root\legacy_sbpf.launcher\0000"
201 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbPF.Launcher\Enum|__ Value Added : count = "1"
202 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbPF.Launcher\Enum|__ Value Added : nextinstance = "1"
203 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SbPF.Launcher\Security|__ Value Added : security = "01 00 14 80 90 00 00 00 9c 00 00 00 14 00 00 00 30 00 00 00 02 00 1c 00 01 00 00 00 02 80 14 00 ff 01 0f 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 fd 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 ff 01 0f 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8d 01 02 00 01 01 00 00 00 00 00 05 0b 00 00 00 00 00 18 00 fd 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00"
204 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SPF4|__ Value Added : description = "sunbelt personal firewall engine"
205 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SPF4|__ Value Added : displayname = "sunbelt personal firewall 4"
206 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SPF4|__ Value Added : errorcontrol = "1"
207 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SPF4|__ Value Added : imagepath = ""%programfiles%\sunbelt software\personal firewall\sbpfsvc.exe""
208 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SPF4|__ Value Added : objectname = "localsystem"
209 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SPF4|__ Value Added : start = "2"
210 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SPF4|__ Value Added : type = "16"
211 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SPF4\Enum|__ Value Added : 0 = "root\legacy_spf4\0000"
212 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SPF4\Enum|__ Value Added : count = "1"
213 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SPF4\Enum|__ Value Added : nextinstance = "1"
214 Key:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SPF4\Security|__ Value Added : security = "01 00 14 80 90 00 00 00 9c 00 00 00 14 00 00 00 30 00 00 00 02 00 1c 00 01 00 00 00 02 80 14 00 ff 01 0f 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 fd 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 ff 01 0f 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8d 01 02 00 01 01 00 00 00 00 00 05 0b 00 00 00 00 00 18 00 fd 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00"


+++++++++++++++++++++++++++++++++++++++++++


Registry: Delete a File on Reboot
When a file is in use, we can use PendingFileRenameOperations to rename the file on the next reboot.

PendingFileRenameOperations accepts pairs of file paths.
The 1st path is the file to be renamed.
The 2nd path is the new file path.
If we put an empty string as the 2nd path, Windows will delete the file.

However, Registry Editor will remove any empty string it found. So, one way to get around it is to modify the binary data.

1. Start -> Run
2. Type in regedit, and press ENTER
3. Goto
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager
4. Create a new Multi-String value: PendingFileRenameOperations
5. Enter \??\filepath as the data (e.g. \??\C:\Windows\virus.exe)
6. Press OK
7. Right-click on the key, click Modify Binary Data
8. At the end of the hex string, add 0000 (4 zeros which represent an empty string)
9. Press OK
10. Restart your computer

++++++++++++++++++++++

Topic: How do I remove a "Locked" Registry key?  (Read 19347 times)
siliconman01
Global Moderator




siliconman01

   


Gender:
Posts: 7760
How do I remove a "Locked" Registry key?
« on: Apr 3rd, 2009, 11:02pm »
It is a frequent tactic of cybercriminals' malicious software to encode modifications to the permissions of associated registry keys.  This can prevent security software from being able to remove the infected registry keys from the system registry.  The procedure herein provides a step-by-step procedure for manually removing "locked" registry keys.

Warning:  Manually editing the system registry can be dangerous to the proper operation of your computer.  An incorrect modification can render the computer non-bootable.  Always backup your registry prior to manually editing it.

For the purpose of example, the following registry key is used.   It is assumed that this registry key has been maliciously altered such that the infected key cannot be removed by security software such as TrojanHunter.    

HKEY_CLASSES_ROOT\CLSID\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}

The procedure below will change the permissions for registry key {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}, changing its permissions to your user account and providing you full control of this specific registry key. You should then be able to delete the key.    

-  The procedure steps described are for a Windows Vista operating system;  however, the steps are very similiar for Windows XP.

-  You must be signed on with a user account that has full administrative privileges.

-  To open Regedit on a Vista system:

   a.  Go to START>RUN and type in Regedit.  Regedit.exe will appear in the Start window.  

   b.  Right click on Regedit.exe and select "Run as administrator".  

-  To open Regedit on a XP system:

   a.  Go to START>RUN and type in Regedit.exe.  

   b.  Click on OK to open Regedit.

Removal Procedure:

1.  Open Regedit.  
2.  Expand HKEY_CLASSES_ROOT by clicking on the + sign next to HKEY_CLASSES_ROOT.  
3.  Scroll down the registry keys until you find the registry key named CLSID.  
4.  Expand registry key CLSID by clicking on the + sign next to CLSID.  
5.  Scroll down the registry keys under CLSID until you find the registry key named {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}.  
 
6.  Right click on the registry key named {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} and select Permissions from the menu.  
7.  Click on Advanced.  
8.  Select the Owner tab.  
9.  In the "Change owner to" window, highlight the one that is your personal user account.  
10.  Checkmark "Replace owner on subcontainers and objects".  
11.  Click on Apply. Your personal user account should now be in the Current Owner box.  
12.  Click on OK. You should now be back to the Security tab.  
13.  Click on OK.  
 
14.  Again, right click on the registry key named {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} and select Permissions from the menu.  
15.  In the "Group or user names:" window, highlight the one that is your personal user account.  
16.  In the Permissions for (your user name), the Full Control and Read boxes should be checked under Allow. IF NOT, skip to step 22.  
17.  Click on OK to close the Permissions window.  
18.  Right click on the registry key named {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} and select Delete. Confirm the Delete. The registy key named {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} should disappear.  
19.  The registry key should now disappear and you are done with the deletion.   Close Regedit.  
20.  Reboot your computer.
21.  Rescan your computer with your security software to ensure the registry key is no longer present.  
 
22.  If your user account does not have Full Control, click on Advanced.  
23.  In the Permissions entries window, highlight the entry with your user account name.  
24.  Checkmark the box "Include inheritable permissions from this object's parent.".  
25.  Click on Edit  
26.  In the Permissions window, check mark all the boxes under Allow.  
27.  Check mark the box "Apply these permissions to objects and/or containers within this container only.".  
28.  In the Apply to: window, it should be "This key and subkeys".  
29.  Click on OK.  
30.  Click on Apply and OK.  
31.  Click on Apply and OK.  
32.  Right click on the registry key named {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} and select Delete. Confirm the Delete. the registry key named {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} should disappear.  
33.  The registry key should now disappear and you are done with the deletion.   Close Regedit.  
34.  Reboot your computer.  
35.  Rescan your computer with your security software to ensure the registry key is no longer present.

NOTE 1:  If the registry key that you are attempting to remove has one or more subkeys under it, you may have to change permissions, obtain full control, and delete each of the subkeys prior to deleting the main registry key.  

NOTE 2:  A freeware program to back up the system registry is program RegBak.  It can be downloaded from the link below.

+++++++++

ArcaVir Removal Tool v2012.0.0.20 (ArcaBit)
ArcaVir Removal Tool (x64) v2012.0.0.19 (ArcaBit)
avast! Antivirus Removal Tool v9.0.2008.177 (AVAST Software a.s.)
AVG IDP Uninstaller v3.5 (AVG Technologies CZ, s.r.o.)
AVG Remover tools (AVG Technologies CZ, s.r.o.)
Avira RegistryCleaner v13.0.0.1 (Avira GmbH.)
AVS Uninstall Cleaner v1.0.1.5 (Online Media Technologies Ltd.)
BitDefender Uninstall Tools (BitDefender S.R.L.)
BullGuard Uninstaller v2.15 (BullGuard Ltd.)
CA 2007/2008 uninstall Utility (CA)
Comodo Products Uninstaller Tool v0.3b (Comodo Forum, scripts by Jacob and Ragwing)
Dr.Web Remover v2.0.4.9260 (Doctor Web, Ltd.)
Dr.Web Remover v2.0.0.6070 (Doctor Web, Ltd.)
Emsisoft Clean v1.2.0.57 (Emsi Software GmbH.)
eScan password reset tool v1.0.0.1 (MicroWorld Technologies Inc.)
eScan Removal Tool v1.0.0.27 (MicroWorld Technologies Inc.)
ESET Uninstaller v6.0.3.0 (ESET)
F-PROT Version 3.x Remover v1.0.0.475 (FRISK Software International)
F-PROT Version 6.x Remover v1.0.5.1 (FRISK Software International)
F-Secure Uninstallation Tool v3.0.2660 (F-Secure Corporation)
G Data AntiVirus Cleaner v1.9.0.1 (G Data Software AG)
K7 Security Product Removal Tool v1.0.43 (K7 Computing Pvt. Ltd.)
Kaspersky password reset tools (Kaspersky Lab ZAO)
Kaspersky Removal Tool v1.0.603 (Kaspersky Lab ZAO)
Max AntiVirus Uninstaller v1.0.0.1 (MaxSecure Software)
Max SpywareDetector Uninstaller v1.0.0.1 (MaxSecure Software)
MBAM Cleanup Utility v1.60.2.3 (Malwarebytes Corporation)
McAfee Software Removal v6.8.709 (McAfee, Inc.)
McAfee Clean Up Tool for Win98/Me (McAfee, Inc.)
McAfee Total Protection Uninstaller v5.2.3.104 (McAfee, Inc.)
Microsoft Security Essentials 1.0 Uninstaller v2.1.3.16 (Microsoft Corporation)
Microsoft Security Essentials 2 Uninstaller v2.1.3.4 (Microsoft Corporation)
Norman Removal Tool v1.2.10.2 (Norman ASA)
nProtect Security Platform 2007 Remover v2.0.78.0 (INCAInternet Co.,Ltd)
Outpost Clean v8.10.4303 (Agnitum Ltd.)
Panda AdminSecure Uninstaller v3.6 (Panda Security, S.L.)
Panda Cloud AV Uninstaller v1.7.41.0 (Panda Security, S.L.)
Panda 2007 Uninstaller v1.5.0 Rev 1 (Panda Security, S.L.)
Panda Uninstaller v1.7.38.0 (Panda Security, S.L.)
PC Tools ThreatFire Removal v3.7.9.13 (PC Tools)
Prevx v1 and v2 Removal Tool (Prevx Ltd)
Prevx v3.0 Removal Tool (Prevx Ltd)
QuickHeal Removal Tools (Quick Heal Technologies (P) Ltd.)
QuickHeal Admin Console Removal Tools (Quick Heal Technologies (P) Ltd.)
QuickHeal Client Agent Removal Tools (Quick Heal Technologies (P) Ltd.)
Radialpoint Security Uninstall Utility v9.0.0.41286 (Radialpoint SafeCare Inc.)
Radialpoint Security Uninstall Utility v10.0.0.56987 (Radialpoint SafeCare Inc.)
Radialpoint Servicepoint Dashboard Uninstall Utility v3.7.31.44965 (Radialpoint SafeCare Inc.)
Radialpoint Servicepoint Dashboard Uninstall Utility v4.1.15.56109 (Radialpoint SafeCare Inc.)
SPAMfighter Remove v6.0 (SPAMfighter ApS)
Sunbelt CounterSpy Cleaner v1.0.3509.25408 (Sunbelt Software)
Sunbelt Personal Firewall Cleaner v2.0 (Sunbelt Software)
SUPERAntiSpyware Application UnInstaller (x32) v1.0.0.1018 (SUPERAntiSpyware.com)
SUPERAntiSpyware Application UnInstaller (x64) v1.0.0.1004 (SUPERAntiSpyware.com)
Symantec Norton Removal Tools (Symantec Corporation)
Trend Micro Tools (Trend Micro Inc.)
TrustPort Removal Utility v12.0.0.1 (TrustPort, a.s.)
Vexira 5.2 and 5.3 Uninstall (Central Command, Inc.)
Vipre Premium Cleaner v1.0.3848.28197 (Sunbelt Software)
VirusBuster Clean x32 v3.5.3389.11926 (VirusBuster Ltd.)
VirusBuster Clean x64 v4.0.3791.13014 (VirusBuster Ltd.)
Webroot Desktop Firewall Removal Utility v5.8.0.25 (Webroot Inc.)
Webroot Spy Sweeper Consumer Cleanup Tool v2.0.1.492 (Webroot Inc.)
Webroot Upgrade and Uninstall Utility v7.0.12.24 (Webroot Inc.)
Windows Live OneCare Cleanup Tool v6.1.22.0 (Microsoft Corporation)
WinPatrol Removal v24.7.2012 (BillP Studios)
Zondex Guard EraseAv v5.4.4.1 (Australian Projects Pty Limited)
Zondex Guard RemSerial v5.4.4.3 (Australian Projects Pty Limited)
ZoneAlarm Removal Tool v12.0.104.0 (Check Point Software Technologies LTD)

 bounce 

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\*\shell\Delete on reboot\command]
@="CMD /E:OFF /C REG ADD
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\Currentversion\\RunOnce
/v \"Del %1 OnNextReboot\" /d ^\"cmd.exe /c DEL /F /Q \\\"%1\\\"\"
/f\""

[HKEY_CLASSES_ROOT\*\shell\Open]

[HKEY_CLASSES_ROOT\Folder\shell\Delete on reboot\command]
@="CMD /E:OFF /C REG ADD
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\Currentversion\\RunOnce
/v \"Del %1 OnNextReboot\" /d ^\"cmd.exe /c RD /S /Q \\\"%1\\\"\"
/f\""
avatar
Admin
Admin

Posts : 282
Join date : 2012-10-23

View user profile http://about.me/rudolfsindelar

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum