We need to know if anyone has anything in a particular registry key found in Windows NT, 2000, XP and 2003, if you have any of those operating systems you could help by viewing the following registry key :-

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\

And looking at the value for "AppInit_DLLs"

To view the above registry key you need to load "regedit.exe", which you can run by clicking on the Start button, then Run, and typing in "regedit" without the quotes.

We need this information for an upcoming security product and need to know if any "well used" applications use this functionality.

Thanks in advance guys.

-Jason-

Hi Jason,

I exported the entire key so you can check if I got the right one:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"DeviceNotSelectedTimeout"="15"
"GDIProcessHandleQuota"=dword:00002710
"Spooler"="yes"
"swapdisk"=""
"TransmissionRetryTimeout"="90"
"USERProcessHandleQuota"=dword:00002710

Win2k SP4 (Dutch version)

HTH,

Pieter

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Defualt - REG_SZ - Value not set
AppInit_DLLs - REG_SZ
DeviceNoSelectedTimeout - Reg_SZ - 15
GDIProcessHandQuota - REG_DWORD - 0x00002710 (10000)
Spooler - REG_SZ - Yes
swapdisk - REG-SZ -
TransmissionTimeRetryTimeout - REG_SZ - 90
USERProcessHandleQuota - REG_SZ - 0x00002710 (100000)

Running W2000 Advanced Server SP4: no value set for AppInit_DLLs
Dolf

Running Windows XP Home SP1, with all the current updates.

See attached image :).

Regards,
Jade.

XP Pro SP1: see screem shot (no value).

regards.

paul

Using WinXP Home Edition 5.1.2600, SP 1

The AppInit_DLL entry for the key is: FHook.dll

Using a file search utility, I am not able to locate the dll file anywhere on my machine.

Bdiamond

Hi Bdiamond,

Are you using or did you ever use a program called SurfinShield?

TIA,

Pieter

No value set here, either. Pete

Well, I don't remember precisely the name but it was, at least, very close to that. I do remember that it was an application from Finjan Software called SurfinGuard. There may well have been something called surfinshield associated with it.

I no longer have the software; however, if it would really help, I could easily download SurfinGuard and take a look.

Regards,

Bdiamond

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
"DeviceNotSelectedTimeout"="15"
"GDIProcessHandleQuota"=dword:00002710
"Spooler"="yes"
"swapdisk"=""
"TransmissionRetryTimeout"="90"
"USERProcessHandleQuota"=dword:00002710

Windows XP SP1 (Dutch)

XP-Home SP1

Win2kpro SP4

appinit value = umxsbxexw.dll

dll is for Tiny Firewall

Thanks everyone,

Dan do you know what functionality exists in that DLL from Tiny, and why it would need to be in every process?

-Jason-

I am running win. xp

I would post a screenshot, but it would be exactly the same as the one posted by bigc73542! Running Win XP SP1, no value set for the entry in question.