Ez-Pc-Fix-Pc-Ez SCREENSHOTS Main The main screen is where you can specify the path to your windows installation folder and your "Documents and Settings" folder. Click on "Load Hives" to continue... **NOTE** If you don't see any users listed in the listbox (and you're running, xp/2k) and you're sure that the path to your windows installation and Documents and Settings folder are correct then you need to add scrrun.dll to your path and register it (with regsvr32) to enable scripting support. "Load Hives" - on Win95, 98, me, it does nothing. On 2k HKEY_LOCAL_MACHINE\Software_ON_C "Unload Hives" - yes, it just unloads them Delete Temp Files
Opens a new windows where you can select what folders you want to clean. History - user folders, systemprofile, windows folder Registry Keys It shows you and allows you to remove keys from numerous startup sections the registry.
Software\Microsoft\Windows\CurrentVersion\WinLogon
HKEY_LOCAL_MACHINE (local and remote) Registry Values Reads plugin.inf (in the same directory as the program) for a list of registry values that will be displayed so you can modify/delete them. This section can be used to quickly change homepage/search page settings for all users on the system but it's also used to list AppInit_Dlls, default shell, etc... Here's an example of 2 entries from plugin.inf: Microsoft\Internet Explorer\Main Microsoft\Windows NT\CurrentVersion\Windows Double-Click on the value to change it. Start Menu Items Shows you all objects that are starting from the startmenu (for all users) and allows you to remove them Browser Helper Objects This enumerates all BHO's from "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects". When you click on one, it searches the entire registry for that key and allows you to remove all instances at once and delete the file from the hard drive. Downloaded Program Files Shows you all "Downloaded Program Files" and allows you to remove them ActiveSetup\InstalledComponents Shows you details about "Active Setup\Installed Components" that have a Winlogon\Notify Shows you items listed in Winlogon\Notify and allows you to remove them Services Shows you all services and allows you to modify the start value for them Shell Extensions Shows you details about Shell Extensions and allows you to remove them Internet Explorer Extensions Shows you details about Internet Explorer Extensions and allows you to remove them Internet Explorer Toolbars Shows you details about Internet Explorer Toolbars and allows you to remove them File Rename Operations Shows you files scheduled to be renamed on the next reboot and allows you to remove them Text Files Shows you a list of files and allows you to easily edit them RootKitty Root Kitty - shows you files that are stealthed from windows and allows you to remove them
and xp, it loads all the registry hives (software, system, user
hives, .default) into the registry. Here's an example. If you have
XP installed to your C drive, you would end up with:
HKEY_LOCAL_MACHINE\System_ON_C
HKEY_USERS\Administrator_ON_C
HKEY_USERS\YourName_ON_C
HKEY_USERS\Default_ON_C
HKEY_USERS\Default User_ON_C
HKEY_USERS\NetworkService_ON_C
HKEY_USERS\LocalService_ON_C
HKEY_USERS\All Users_ON_C
Here's the options and where each one looks for files:
Recent - user folders, systemprofile, windows folder
Temp Folder - user folders, systemprofile, windows folder
Temporary Internet Files - user folders, systemprofile, windows folder
_Restore / System Volume Information - root directory
Cookies - user folders, systemprofile, windows folder
Prefetch - Windows\Prefetch
Here's where it looks:
Software\Microsoft\Windows\CurrentVersion\Run
Software\Microsoft\Windows\CurrentVersion\RunOnce
Software\Microsoft\Windows\CurrentVersion\RunOnceEx
Software\Microsoft\Windows\CurrentVersion\RunServices
Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
Software\Microsoft\Windows NT\CurrentVersion\Run
Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
Software\Microsoft\Windows\CurrentVersion\DelayRun
Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved (with empty descriptions)
HKEY_CURRENT_USER
all users hives including the .Default and SystemProfile hives
Start Page
AppInit_DLLs
"stubpath" defined and allows you to remove them 
