Next, MSS file
MySystem-Search
MSS v1.7
Basic System Information
Username: Administrator - Date: 11/05/2010 - Time: 17:24:52
Microsoft Windows XP [Version 5.1.2600]
Processor type: x86 Family 6 Model 13 Stepping 6, GenuineIntel
Total processors: 1
Computer Name: ZULU227
Logon Server: \\ZULU227
CD Emulation Drivers running?
Peer-to-Peer applications?
BitTorrent found!
Security Tools Check
Malwarebytes' Anti-Malware
ERUNT
File associations
.exe=exefile
.scr=scrfile
.pif=piffile
.com=comfile
.bat=batfile
.cmd=cmdfile
.log=txtfile
.txt=txtfile
.reg=regfile
.sys=sysfile
.dll=dllfile
.ini=inifile
.inf=inffile
Running processes
PROCESS PID PRIO PATH
smss.exe 568 Normal C:\WINDOWS\System32\smss.exe
csrss.exe 656 Normal C:\WINDOWS\system32\csrss.exe
winlogon.exe 680 High C:\WINDOWS\system32\winlogon.exe
services.exe 724 Normal C:\WINDOWS\system32\services.exe
lsass.exe 736 Normal C:\WINDOWS\system32\lsass.exe
svchost.exe 884 Normal C:\WINDOWS\system32\svchost.exe
svchost.exe 932 Normal C:\WINDOWS\system32\svchost.exe
svchost.exe 992 Normal C:\WINDOWS\system32\svchost.exe
svchost.exe 1052 Normal C:\WINDOWS\system32\svchost.exe
svchost.exe 1084 Normal C:\WINDOWS\system32\svchost.exe
Explorer.EXE 1400 Normal C:\WINDOWS\Explorer.EXE
mss.exe 596 Normal C:\Documents and Settings\Administrator\Desktop\mss.exe
cmd.exe 620 Normal C:\WINDOWS\system32\cmd.exe
pv.exe 612 Normal C:\Documents and Settings\Administrator\Desktop\pv.exe
User Profile check
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
ProfilesDirectory REG_EXPAND_SZ %SystemDrive%\Documents and Settings
DefaultUserProfile REG_SZ Default User
AllUsersProfile REG_SZ All Users
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18
Flags REG_DWORD 0xc
State REG_DWORD 0x0
RefCount REG_DWORD 0x1
Sid REG_BINARY 010100000000000512000000
ProfileImagePath REG_EXPAND_SZ %systemroot%\system32\config\systemprofile
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\LocalService
Sid REG_BINARY 010100000000000513000000
Flags REG_DWORD 0x9
State REG_DWORD 0x0
CentralProfile REG_SZ
ProfileLoadTimeLow REG_DWORD 0x52950fe0
ProfileLoadTimeHigh REG_DWORD 0x1cb7d2f
RefCount REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\NetworkService
Sid REG_BINARY 010100000000000514000000
Flags REG_DWORD 0x9
State REG_DWORD 0x0
CentralProfile REG_SZ
ProfileLoadTimeLow REG_DWORD 0x524ec540
ProfileLoadTimeHigh REG_DWORD 0x1cb7d2f
RefCount REG_DWORD 0x2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-1078081533-1606980848-1202660629-500
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\Administrator
Sid REG_BINARY 010500000000000515000000FD374240F094C85F1525AF47F4010000
Flags REG_DWORD 0x0
State REG_DWORD 0x100
CentralProfile REG_SZ
ProfileLoadTimeLow REG_DWORD 0x53ee6840
ProfileLoadTimeHigh REG_DWORD 0x1cb7d2f
RefCount REG_DWORD 0x1
RunLogonScriptSync REG_DWORD 0x0
OptimizedLogonStatus REG_DWORD 0xb
Current Scheduled Tasks
PATH: C:\Windows\Tasks
desktop.ini
SA.DAT
Windows Drivers and NT-Services
Volume in drive C has no label.
Volume Serial Number is 3816-3C47
Directory of C:\Windows\System32\Drivers
Volume in drive C has no label.
Volume Serial Number is 3816-3C47
Directory of C:\Windows\System32\Drivers
12/31/1987 08:43 PM <DIR> disdn
12/31/1987 08:45 PM <DIR> etc
08/17/2001 09:46 AM 6,400 enum1394.sys
08/17/2001 09:59 AM 3,072 audstub.sys
08/17/2001 01:51 PM 3,328 pciide.sys
04/01/2002 12:15 PM 4,816 aeaudio.sys
04/08/2003 10:30 AM 3,744 smsens.sys
04/09/2003 04:48 PM 11,043 mdmxsdk.sys
10/14/2003 07:04 PM 1,043,072 HSF_DP.sys
10/14/2003 07:05 PM 679,808 HSF_CNXT.sys
10/14/2003 07:08 PM 197,120 HSFHWICH.sys
10/20/2003 07:09 PM 65,664 rmedia.sys
11/20/2003 04:15 PM 178,528 SynTP.sys
12/16/2003 02:06 PM 128,333 ask2030.cty
01/13/2004 04:40 PM 612,032 smwdm.sys
02/10/2004 11:17 AM 681,469 ialmnt5.sys
09/28/2006 03:55 PM 77,568 wudfpf.sys
09/28/2006 04:00 PM 82,944 wudfrd.sys
10/18/2006 06:00 PM 38,528 wpdusb.sys
07/26/2007 12:44 AM 2,210,048 w29n51.sys
03/21/2008 02:35 PM 146,048 portcls.sys
04/13/2008 06:05 PM 20,992 RTL8139.sys
04/13/2008 08:06 PM 14,208 battc.sys
04/13/2008 08:06 PM 13,952 CmBatt.sys
04/13/2008 08:06 PM 10,240 compbatt.sys
04/13/2008 08:10 PM 57,600 redbook.sys
04/13/2008 08:10 PM 5,504 intelide.sys
04/13/2008 10:09 PM 142,592 aec.sys
04/14/2008 12:06 AM 37,248 isapnp.sys
04/14/2008 12:06 AM 68,224 pci.sys
04/14/2008 12:09 AM 5,376 MSPCLOCK.sys
04/14/2008 12:09 AM 4,992 MSPQM.sys
04/14/2008 12:09 AM 7,552 MSKSSRV.sys
04/14/2008 12:10 AM 24,960 pciidex.sys
04/14/2008 12:10 AM 96,512 atapi.sys
04/14/2008 12:15 AM 52,864 DMusic.sys
04/14/2008 12:15 AM 6,272 splitter.sys
04/14/2008 12:15 AM 56,576 swmidi.sys
04/14/2008 12:15 AM 172,416 kmixer.sys
04/14/2008 12:15 AM 60,032 USBAUDIO.sys
04/14/2008 12:15 AM 2,944 drmkaud.sys
04/14/2008 12:15 AM 49,408 stream.sys
04/14/2008 12:15 AM 60,160 drmk.sys
04/14/2008 12:15 AM 10,368 hidusb.sys
04/14/2008 12:15 AM 20,608 usbuhci.sys
04/14/2008 12:15 AM 59,520 usbhub.sys
04/14/2008 12:15 AM 26,368 USBSTOR.SYS
04/14/2008 12:45 AM 60,800 sysaudio.sys
04/14/2008 12:46 AM 141,056 ks.sys
04/14/2008 12:47 AM 83,072 wdmaud.sys
04/14/2008 05:43 AM 40,840 termdd.sys
04/14/2008 11:00 AM 3,328 dxgthk.sys
04/14/2008 11:00 AM 5,888 dmload.sys
04/14/2008 11:00 AM 58,112 vdmindvd.sys
04/14/2008 11:00 AM 153,344 dmio.sys
04/14/2008 11:00 AM 143,744 fastfat.sys
04/14/2008 11:00 AM 27,392 fdc.sys
04/14/2008 11:00 AM 44,544 fips.sys
04/14/2008 11:00 AM 20,480 flpydisk.sys
04/14/2008 11:00 AM 129,792 fltMgr.sys
04/14/2008 11:00 AM 12,160 fsvga.sys
04/14/2008 11:00 AM 4,736 usbd.sys
04/14/2008 11:00 AM 125,056 ftdisk.sys
04/14/2008 11:00 AM 3,440,660 gm.dls
04/14/2008 11:00 AM 646 gmreadme.txt
04/14/2008 11:00 AM 144,384 hdaudbus.sys
04/14/2008 11:00 AM 36,864 hidclass.sys
04/14/2008 11:00 AM 24,960 hidparse.sys
04/14/2008 11:00 AM 799,744 dmboot.sys
04/14/2008 11:00 AM 63,744 cdfs.sys
04/14/2008 11:00 AM 18,688 cdaudio.sys
04/14/2008 11:00 AM 13,952 cbidf2k.sys
04/14/2008 11:00 AM 264,832 http.sys
04/14/2008 11:00 AM 52,480 i8042prt.sys
04/14/2008 11:00 AM 20,992 vga.sys
04/14/2008 11:00 AM 42,112 imapi.sys
04/14/2008 11:00 AM 71,168 dxg.sys
04/14/2008 11:00 AM 36,352 intelppm.sys
04/14/2008 11:00 AM 36,608 ip6fw.sys
04/14/2008 11:00 AM 32,896 ipfltdrv.sys
04/14/2008 11:00 AM 20,864 ipinip.sys
04/14/2008 11:00 AM 152,832 ipnat.sys
04/14/2008 11:00 AM 75,264 ipsec.sys
04/14/2008 11:00 AM 11,264 irenum.sys
04/14/2008 11:00 AM 4,224 beep.sys
04/14/2008 11:00 AM 24,576 kbdclass.sys
04/14/2008 11:00 AM 14,208 diskdump.sys
04/14/2008 11:00 AM 52,352 volsnap.sys
04/14/2008 11:00 AM 92,288 ksecdd.sys
04/14/2008 11:00 AM 25,728 usbcamd2.sys
04/14/2008 11:00 AM 25,600 usbcamd.sys
04/14/2008 11:00 AM 7,680 mcd.sys
04/14/2008 11:00 AM 34,560 wanarp.sys
04/14/2008 11:00 AM 63,744 mf.sys
04/14/2008 11:00 AM 4,224 mnmdd.sys
04/14/2008 11:00 AM 30,080 modem.sys
04/14/2008 11:00 AM 23,040 mouclass.sys
04/14/2008 11:00 AM 42,368 mountmgr.sys
04/14/2008 11:00 AM 15,872 usbintel.sys
04/14/2008 11:00 AM 12,800 usb8023.sys
04/14/2008 11:00 AM 262,528 cinemst2.sys
04/14/2008 11:00 AM 19,072 msfs.sys
04/14/2008 11:00 AM 35,072 msgpc.sys
04/14/2008 11:00 AM 71,552 bridge.sys
04/14/2008 11:00 AM 4,352 wmilib.sys
04/14/2008 11:00 AM 352,256 atmuni.sys
04/14/2008 11:00 AM 15,488 mssmbios.sys
04/14/2008 11:00 AM 66,048 udfs.sys
04/14/2008 11:00 AM 12,288 tunmp.sys
04/14/2008 11:00 AM 10,112 ndistapi.sys
04/14/2008 11:00 AM 14,592 ndisuio.sys
04/14/2008 11:00 AM 21,376 tsbvcap.sys
04/14/2008 11:00 AM 40,576 ndproxy.sys
04/14/2008 11:00 AM 34,688 netbios.sys
04/14/2008 11:00 AM 162,816 netbt.sys
04/14/2008 11:00 AM 61,824 nic1394.sys
04/14/2008 11:00 AM 12,032 nikedrv.sys
04/14/2008 11:00 AM 40,320 nmnt.sys
04/14/2008 11:00 AM 30,848 npfs.sys
04/14/2008 11:00 AM 51,712 tosdvd.sys
04/14/2008 11:00 AM 2,944 null.sys
04/14/2008 11:00 AM 12,416 nwlnkflt.sys
04/14/2008 11:00 AM 32,512 nwlnkfwd.sys
04/14/2008 11:00 AM 88,320 nwlnkipx.sys
04/14/2008 11:00 AM 63,232 nwlnknb.sys
04/14/2008 11:00 AM 55,936 nwlnkspx.sys
04/14/2008 11:00 AM 163,584 nwrdr.sys
04/14/2008 11:00 AM 10,496 dxapi.sys
04/14/2008 11:00 AM 3,456 oprghdlr.sys
04/14/2008 11:00 AM 42,752 p3.sys
04/14/2008 11:00 AM 80,128 parport.sys
04/14/2008 11:00 AM 19,712 partmgr.sys
04/14/2008 11:00 AM 6,784 parvdm.sys
04/14/2008 11:00 AM 55,808 atmlane.sys
04/14/2008 11:00 AM 31,360 atmepvc.sys
04/14/2008 11:00 AM 59,904 atmarpc.sys
04/14/2008 11:00 AM 120,192 pcmcia.sys
04/14/2008 11:00 AM 14,336 asyncmac.sys
04/14/2008 11:00 AM 35,840 processr.sys
04/14/2008 11:00 AM 69,120 psched.sys
04/14/2008 11:00 AM 17,792 ptilink.sys
04/14/2008 11:00 AM 12,040 tdpipe.sys
04/14/2008 11:00 AM 8,832 rasacd.sys
04/14/2008 11:00 AM 51,328 rasl2tp.sys
04/14/2008 11:00 AM 41,472 raspppoe.sys
04/14/2008 11:00 AM 48,384 raspptp.sys
04/14/2008 11:00 AM 16,512 raspti.sys
04/14/2008 11:00 AM 34,432 rawwan.sys
04/14/2008 11:00 AM 19,072 tdi.sys
04/14/2008 11:00 AM 4,224 rdpcdd.sys
04/14/2008 11:00 AM 14,976 tape.sys
04/14/2008 11:00 AM 36,736 crusoe.sys
04/14/2008 11:00 AM 60,800 arp1394.sys
04/14/2008 11:00 AM 12,032 rio8drv.sys
04/14/2008 11:00 AM 12,032 riodrv.sys
04/14/2008 11:00 AM 37,760 amdk7.sys
04/14/2008 11:00 AM 37,376 amdk6.sys
04/14/2008 11:00 AM 11,776 cpqdap01.sys
04/14/2008 11:00 AM 5,888 rootmdm.sys
04/14/2008 11:00 AM 4,352 swenum.sys
04/14/2008 11:00 AM 11,648 acpiec.sys
04/14/2008 11:00 AM 96,384 scsiport.sys
04/14/2008 11:00 AM 384,768 update.sys
04/14/2008 11:00 AM 20,480 secdrv.sys
04/14/2008 11:00 AM 15,744 serenum.sys
04/14/2008 11:00 AM 64,512 serial.sys
04/14/2008 11:00 AM 11,904 sffdisk.sys
04/14/2008 11:00 AM 10,240 sffp_mmc.sys
04/14/2008 11:00 AM 11,008 sffp_sd.sys
04/14/2008 11:00 AM 11,392 sfloppy.sys
04/14/2008 11:00 AM 14,592 smclib.sys
04/14/2008 11:00 AM 187,776 acpi.sys
04/14/2008 11:00 AM 12,032 ws2ifsl.sys
04/14/2008 11:00 AM 25,344 sonydcam.sys
04/14/2008 11:00 AM 49,536 classpnp.sys
04/14/2008 11:00 AM 73,472 sr.sys
04/22/2008 04:09 PM 32,384 usbccgp.sys
04/25/2008 10:36 AM 182,912 ndis.sys
04/25/2008 10:36 AM 91,776 ndiswan.sys
04/28/2008 10:58 AM 105,344 mup.sys
05/02/2008 09:49 AM 62,976 cdrom.sys
05/07/2008 10:12 AM 36,352 disk.sys
05/08/2008 12:58 PM 203,136 RMCast.sys
05/29/2008 11:04 AM 62,848 rspndr.sys
06/13/2008 10:27 AM 272,128 bthport.sys
07/18/2008 09:33 AM 174,848 rdbss.sys
07/28/2008 09:35 AM 225,856 tcpip6.sys
08/04/2008 12:09 PM 139,656 rdpwd.sys
09/08/2008 02:06 PM 195,712 rdpdr.sys
09/29/2008 09:50 AM 9,216 fs_rec.sys
09/29/2008 09:51 AM 133,632 exfat.sys
10/16/2008 02:07 PM 138,496 afd.sys
11/05/2008 09:06 AM 61,824 ohci1394.sys
11/20/2008 02:10 PM 92,544 mqac.sys
11/25/2008 10:42 AM 180,096 mrxdav.sys
11/25/2008 10:42 AM 30,592 rndismp.sys
12/11/2008 11:33 AM 333,952 srv.sys
12/19/2008 01:15 PM 456,704 mrxsmb.sys
01/19/2009 08:52 AM 81,792 videoprt.sys
01/23/2009 12:41 PM 53,504 1394bus.sys
03/02/2009 12:00 PM 22,024 tdtcp.sys
03/18/2009 02:02 PM 30,336 usbehci.sys
03/18/2009 02:02 PM 144,000 usbport.sys
03/20/2009 09:07 AM 80,256 sdbus.sys
03/23/2009 09:55 AM 576,512 ntfs.sys
04/18/2009 07:52 PM 361,600 tcpip.sys
04/28/2009 04:20 PM 9,072 cdr4_xp.sys
04/28/2009 04:20 PM 9,200 cdralw2k.sys
04/28/2009 04:20 PM 44,944 PxHelp20.sys
04/29/2010 03:39 PM 20,952 mbam.sys
04/29/2010 03:39 PM 38,224 mbamswissarmy.sys
09/07/2010 03:48 AM 26,064 avgrkx86.sys
09/07/2010 03:48 AM 249,424 avgldx86.sys
09/07/2010 03:48 AM 34,384 avgmfx86.sys
09/13/2010 04:27 PM 25,680 AVGIDSEH.sys
10/23/2010 01:04 PM <DIR> UMDF
11/05/2010 01:55 AM <DIR> ..
11/05/2010 01:55 AM <DIR> .
11/05/2010 05:06 PM <DIR> AVG
213 File(s) 22,958,031 bytes
6 Dir(s) 5,802,553,344 bytes free
Stealth malware?
Internet Explorer
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
Default_Page_URL REG_SZ http://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL REG_SZ http://go.microsoft.com/fwlink/?LinkId=54896
Default_Secondary_Page_URL REG_MULTI_SZ \0
Search Page REG_SZ http://go.microsoft.com/fwlink/?LinkId=54896
Enable_Disk_Cache REG_SZ yes
Cache_Percent_of_Disk REG_BINARY 0A000000
Delete_Temp_Files_On_Exit REG_SZ yes
Local Page REG_SZ C:\WINDOWS\system32\blank.htm
Anchor_Visitation_Horizon REG_BINARY 01000000
Use_Async_DNS REG_SZ yes
Placeholder_Width REG_BINARY 1A000000
Placeholder_Height REG_BINARY 1A000000
Extensions Off Page REG_SZ about:NoAdd-ons
Security Risk Page REG_SZ about:SecurityRisk
Start Page REG_SZ http://go.microsoft.com/fwlink/?LinkId=69157
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\ErrorThresholds
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\UrlTemplate
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
EnableNegotiate REG_DWORD 0x1
User Agent REG_SZ Mozilla/4.0 (compatible; MSIE 8.0; Win32)
IE5_UA_Backup_Flag REG_SZ 5.0
GlobalUserOffline REG_DWORD 0x0
MigrateProxy REG_DWORD 0x1
ProxyEnable REG_DWORD 0x0
EmailName REG_SZ IEUser@
AutoConfigProxy REG_SZ wininet.dll
MimeExclusionListForCache REG_SZ multipart/mixed multipart/x-mixed-replace multipart/x-byteranges
WarnOnPost REG_BINARY 01000000
UseSchannelDirectly REG_BINARY 01000000
EnableHttp1_1 REG_DWORD 0x1
UrlEncoding REG_DWORD 0x0
SecureProtocols REG_DWORD 0xa0
PrivDiscUiShown REG_DWORD 0x1
PrivacyAdvanced REG_DWORD 0x0
ZonesSecurityUpgrade REG_BINARY E0091BC7D672CB01
DisableCachingOfSSLPages REG_DWORD 0x0
WarnonZoneCrossing REG_DWORD 0x0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CACHE
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\TemplatePolicies
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main
NoUpdateCheck REG_DWORD 0x1
NoJITSetup REG_DWORD 0x1
Disable Script Debugger REG_SZ yes
Anchor Underline REG_SZ yes
Cache_Update_Frequency REG_SZ Once_Per_Session
Display Inline Images REG_SZ yes
Do404Search REG_BINARY 01000000
Local Page REG_SZ C:\WINDOWS\system32\blank.htm
Save_Session_History_On_Exit REG_SZ no
Show_FullURL REG_SZ no
Show_StatusBar REG_SZ yes
Show_ToolBar REG_SZ yes
Show_URLinStatusBar REG_SZ yes
Show_URLToolBar REG_SZ yes
Use_DlgBox_Colors REG_SZ yes
Search Page REG_SZ http://go.microsoft.com/fwlink/?LinkId=54896
XMLHTTP REG_DWORD 0x1
UseClearType REG_SZ yes
Enable Browser Extensions REG_SZ yes
Play_Background_Sounds REG_SZ yes
Play_Animations REG_SZ yes
Start Page REG_SZ http://www.ask.com?o=15007&l=dis
CompatibilityFlags REG_DWORD 0x0
FullScreen REG_SZ no
Window_Placement REG_BINARY 2C00000002000000030000000083FFFF0083FFFFFFFFFFFFFFFFFFFF2700000027000000470300007F020000
IE8RunOnceLastShown REG_DWORD 0x1
IE8RunOnceLastShown_TIMESTAMP REG_BINARY 00584D37A57CCB01
IE8TourShown REG_DWORD 0x1
IE8TourShownTime REG_BINARY D08DC31FD772CB01
Start Page Redirect Cache REG_SZ http://www.msn.com/
Start Page Redirect Cache_TIMESTAMP REG_BINARY F0A2B263A378CB01
Start Page Redirect Cache AcceptLangs REG_SZ en-us
Use FormSuggest REG_SZ yes
NotifyDownloadComplete REG_SZ yes
Check_Associations REG_SZ no
Save Directory REG_SZ C:\Documents and Settings\Administrator\My Documents\New Folder\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Default Feeds
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks
{CFBFAE00-17A6-11D0-99CB-00C04FD64497} REG_SZ
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel
Security Center
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
FirstRunDisabled REG_DWORD 0x1
AntiVirusOverride REG_DWORD 0x0
FirewallOverride REG_DWORD 0x0
AntiVirusDisableNotify REG_DWORD 0x0
FirewallDisableNotify REG_DWORD 0x0
UpdatesDisableNotify REG_DWORD 0x0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall