HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216024FF}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{31B27B28-5E06-4483-A363-8D1F2A97D38D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{36FDBE6E-6684-462B-AE98-9A39A1B200CC}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3E8C2BA2-F4CA-4A1D-A690-6B9A411DAF8B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4286E640-B5FB-11DF-AC4B-005056C00008}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{49F2B650-2D7B-4F59-B33D-346F63776BD3}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4D04C9A1-F28C-4F6F-9D66-81BB000693D9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4EF69D40-4DC9-485E-95D3-B1C22F218FC8}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{57752979-A1C9-4C02-856B-FBB27AC4E02C}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{612F4E20-3661-4D44-AD79-823F1B613FB3}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{73568F76-7A37-9DB4-73B1-11DCF1A2FC52}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{770657D0-A123-3C07-8E44-1C83EC895118}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{77DCDCE3-2DED-62F3-8154-05E745472D07}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7A7DC702-DEDE-42A8-8722-B3BA724D546F}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{87E2B986-07E8-477a-93DC-AF0B6758B192}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8CE4CB34-8187-42A1-B597-517760BEE8EC}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{978C25EE-5777-46e4-8988-732C297CBDBD}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A06275F4-324B-4E85-95E6-87B2CD729401}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A36CD345-625C-4d6c-B3E2-76E1248CB451}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AB5D51AE-EBC3-438D-872C-705C7C2084B0}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-A94000000001}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BB8B979E-E336-47E7-96BC-1031C1B94561}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BE77A81F-B315-4666-9BF3-AE70C0ADB057}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C716522C-3731-4667-8579-40B098294500}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DBD90220-6A77-F6F0-6CCB-39FB90FE290B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ECAD4F6A-0BF3-4028-9C81-E5D9F9606CBA}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE6097DD-05F4-4178-9719-D3170BF098E8}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F05A5232-CE5E-4274-AB27-44EB8105898D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F44DA61E-720D-4E79-871F-F6E628B33242}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FF075778-6E50-47ed-991D-3B07FD4E3250}
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GoToMeeting
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Move Media Player
Adobe Products ! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX
DisplayName REG_SZ Adobe Flash Player 10 ActiveX
Publisher REG_SZ Adobe Systems Incorporated
DisplayVersion REG_SZ 10.3.181.14
HelpLink REG_SZ http://www.adobe.com/go/flashplayer_support/
NoModify REG_DWORD 0x1
NoRepair REG_DWORD 0x1
RequiresIESysFile REG_SZ 4.70.0.1155
URLInfoAbout REG_SZ http://www.adobe.com
URLUpdateInfo REG_SZ http://www.adobe.com/go/getflashplayer/
VersionMajor REG_DWORD 0xa
VersionMinor REG_DWORD 0x3
UninstallString REG_SZ C:\WINDOWS\system32\Macromed\Flash\FlashUtil10q_ActiveX.exe -maintain activex
DisplayIcon REG_SZ C:\WINDOWS\system32\Macromed\Flash\FlashUtil10q_ActiveX.exe
EstimatedSize REG_DWORD 0x1800
Autorun ! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
ComcastAntispyClient REG_SZ "C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" /hide
ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
IgfxTray REG_SZ C:\WINDOWS\system32\igfxtray.exe
HotKeysCmds REG_SZ C:\WINDOWS\system32\hkcmd.exe
Persistence REG_SZ C:\WINDOWS\system32\igfxpers.exe
RTHDCPL REG_SZ RTHDCPL.EXE
SkyTel REG_SZ SkyTel.EXE
NeroFilterCheck REG_SZ C:\WINDOWS\system32\NeroCheck.exe
HPDJ Taskbar Utility REG_SZ C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
Adobe ARM REG_SZ "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
QuickTime Task REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime
HP Software Update REG_SZ C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
SunJavaUpdateSched REG_SZ "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents
Restrictions - Internet Explorer ! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel
Restrictions - REGEDIT ! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System
Restrictions - Explorer ! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
NoDriveTypeAutoRun REG_DWORD 0x143
NoDriveAutoRun REG_DWORD 0x3ffffff
NoDrives REG_DWORD 0x0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
DNS Settings ! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{22C03275-6FB2-455F-B9A2-F055DAECD836}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{8548FDB3-2ACA-4F77-B991-4693D1741D0F}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{C4D127A4-391C-40A6-B1BE-626210FBA7F9}
Windows IP Configuration
Host Name . . . . . . . . . . . . : owner-953aa3a1f
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.ga.comcast.net.
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : hsd1.ga.comcast.net.
Description . . . . . . . . . . . : Atheros L2 Fast Ethernet 10/100 Base-T Controller
Physical Address. . . . . . . . . : 00-22-15-8D-DC-23
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 71.56.98.76
Subnet Mask . . . . . . . . . . . : 255.255.248.0
Default Gateway . . . . . . . . . : 71.56.96.1
DHCP Server . . . . . . . . . . . : 68.87.68.13
DNS Servers . . . . . . . . . . . : 68.87.68.166
68.87.74.166
Lease Obtained. . . . . . . . . . : Thursday, June 02, 2011 7:01:42 AM
Lease Expires . . . . . . . . . . : Saturday, June 04, 2011 8:04:27 AM
AppInit DLLs ! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Shell Service Object Delay Load ! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
PostBootReminder REG_SZ {7849596a-48ea-486e-8937-a2a3009f31a9}
CDBurn REG_SZ {fbeb8a05-beee-4442-804e-409d6c4515e9}
WebCheck REG_SZ {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
SysTray REG_SZ {35CEC8A3-2BE6-11D2-8773-92E220524153}
WPDShServiceObj REG_SZ {AAA288BA-9A4C-45B0-95D7-94D524869DB5}
Shell Execute Hooks ! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{AEB6717E-7E19-11d0-97EE-00C04FD91972} REG_SZ
{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} REG_SZ Microsoft AntiMalware ShellExecuteHook
Image File Execution Options ! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\apitrap.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ASSTE.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVSTE.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Cleanup.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cqw32.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divxdec.ax
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DJSMAR00.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DRMINST.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\enc98.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EncodeDivXExt.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EncryptPatchVer.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\front.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fullsoft.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GBROWSER.DLL
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\htmlmarq.ocx
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\htmlmm.ocx
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ishscan.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ISSTE.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\javai.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jvm.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jvm_g.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\main123w.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mngreg32.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msci_uno.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscoree.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscorsvr.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscorwks.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msjava.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mso.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NAVOPTRF.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NeVideoFX.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NPMLIC.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NSWSTE.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\photohse.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PMSTE.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ppw32hlp.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\printhse.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\prwin8.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ps80.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\psdmt.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qfinder.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qpw.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\salwrap.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup32.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sevinst.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symlcnet.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tcore_ebook.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TFDTCTT8.DLL
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ua80.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\udtapi.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ums.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vb40032.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vbe6.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wpwin8.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xlmlEN.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xwsetup.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_INSTPGM.EXE
Security Providers Local Security Authority ! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Bounds REG_BINARY 0030000000200000
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
ImpersonatePrivilegeUpgradeToolHasRun REG_DWORD 0x1
LsaPid REG_DWORD 0x2e8
SecureBoot REG_DWORD 0x1
auditbaseobjects REG_DWORD 0x0
crashonauditfail REG_DWORD 0x0
disabledomaincreds REG_DWORD 0x0
everyoneincludesanonymous REG_DWORD 0x0
fipsalgorithmpolicy REG_DWORD 0x0
forceguest REG_DWORD 0x1
fullprivilegeauditing REG_BINARY 00
limitblankpassworduse REG_DWORD 0x1
lmcompatibilitylevel REG_DWORD 0x0
nodefaultadminowner REG_DWORD 0x1
nolmhash REG_DWORD 0x0
restrictanonymous REG_DWORD 0x0
restrictanonymoussam REG_DWORD 0x1
Notification Packages REG_MULTI_SZ scecli\0\0
enabledcom REG_SZ y
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\AccessProviders
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Audit
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Data
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\GBG
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\JD
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Kerberos
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\MSV1_0
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\Skew1
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\SSO
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\SspiCache
AppCert DLLs App Paths ! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\AcroRd32.exe
REG_SZ C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe
Path REG_SZ C:\Program Files\Adobe\Reader 9.0\Reader\
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\BackItUp.EXE
REG_SZ C:\Program Files\Ahead\Nero BackItUp\BackItUp.exe
Path REG_SZ C:\Program Files\Ahead\Nero BackItUp
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\bckgzm.exe
REG_SZ C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\chkrzm.exe
REG_SZ C:\Program Files\MSN Gaming Zone\Windows\chkrzm.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\cmmgr32.exe
REG_SZ C:\WINDOWS\system32\cmmgr32.exe
Path REG_SZ C:\WINDOWS\system32
CmstpExtensionDll REG_SZ C:\WINDOWS\system32\cmcfg32.dll
CMInternalVersion REG_SZ 1.2
CmNative REG_DWORD 0x1
ProfilesUpgraded REG_DWORD 0x2
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\combofix.exe
REG_SZ C:\Documents and Settings\Owner\Desktop\ComboFix.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\CONF.EXE
REG_SZ C:\Program Files\NetMeeting\conf.exe
Path REG_SZ C:\Program Files\NetMeeting;
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\dialer.exe
REG_SZ C:\Program Files\Windows NT\dialer.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\HELPCTR.EXE
REG_EXPAND_SZ %Systemroot%\PCHealth\HelpCtr\Binaries\HelpCtr.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\hpqqpawp.exe
Path REG_SZ C:\Program Files\Common Files\HP\Digital Imaging\Bin
REG_SZ C:\Program Files\HP\Digital Imaging\Bin\hpqqpawp.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\hrtzzm.exe
REG_SZ C:\Program Files\MSN Gaming Zone\Windows\hrtzzm.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\hypertrm.exe
REG_SZ "C:\Program Files\Windows NT\hypertrm.exe"
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ICWCONN1.EXE
REG_SZ "C:\Program Files\Internet Explorer\Connection Wizard\ICWCONN1.EXE"
Path REG_SZ C:\Program Files\Internet Explorer\Connection Wizard;
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ICWCONN2.EXE
REG_SZ "C:\Program Files\Internet Explorer\Connection Wizard\ICWCONN2.EXE"
Path REG_SZ C:\Program Files\Internet Explorer\Connection Wizard;
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\IEXPLORE.EXE
REG_SZ C:\Program Files\Internet Explorer\IEXPLORE.EXE
Path REG_SZ C:\Program Files\Internet Explorer;
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\INETWIZ.EXE
REG_SZ "C:\Program Files\Internet Explorer\Connection Wizard\INETWIZ.EXE"
Path REG_SZ C:\Program Files\Internet Explorer\Connection Wizard;
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\install.exe
RunAsOnNonAdminInstall REG_DWORD 0x1
BlockOnTSNonInstallMode REG_DWORD 0x1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\ISIGNUP.EXE
REG_SZ "C:\Program Files\Internet Explorer\Connection Wizard\ISIGNUP.EXE"
Path REG_SZ C:\Program Files\Internet Explorer\Connection Wizard;
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\javaws.exe
REG_SZ C:\Program Files\Java\jre6\bin\javaws.exe
Path REG_SZ C:\Program Files\Java\jre6\bin
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\mbam.exe
REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
Path REG_SZ C:\Program Files\Malwarebytes' Anti-Malware
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\migwiz.exe
REG_EXPAND_SZ %SystemRoot%\system32\usmt\migwiz.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\moviemk.exe
REG_SZ C:\Program Files\Movie Maker\moviemk.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\mplayer2.exe
REG_SZ "C:\Program Files\Windows Media Player\mplayer2.exe"
Path REG_SZ "C:\Program Files\Windows Media Player"
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\MSCONFIG.EXE
REG_EXPAND_SZ %systemroot%\pchealth\helpctr\Binaries\MSCONFIG.EXE
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\msimn.exe
REG_EXPAND_SZ %ProgramFiles%\Outlook Express\msimn.exe
Path REG_EXPAND_SZ %ProgramFiles%\Outlook Express
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\msinfo32.exe
REG_SZ C:\Program Files\Common Files\Microsoft Shared\MSInfo\MSInfo32.exe
Path REG_SZ C:\Program Files\Common Files\Microsoft Shared\MSInfo
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\MSMSGS.EXE
REG_SZ C:\Program Files\Messenger\msmsgs.exe
Path REG_SZ C:\Program Files\Messenger;
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\NCoverEd.exe
REG_SZ C:\Program Files\Ahead\CoverDesigner\CoverDes.exe
Path REG_SZ C:\Program Files\Ahead\CoverDesigner
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\nero.exe
REG_SZ C:\Program Files\Ahead\nero\nero.exe
Path REG_SZ C:\Program Files\Ahead\Nero
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\NeroStartSmart.exe
REG_SZ C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe
Path REG_SZ C:\Program Files\Ahead\Nero StartSmart
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\pbrush.exe
REG_EXPAND_SZ %SystemRoot%\system32\mspaint.exe
Path REG_EXPAND_SZ %SystemRoot%\system32
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\PhotoImpression.exe
Path REG_SZ C:\Program Files\ArcSoft\PhotoImpression 5
REG_SZ C:\Program Files\ArcSoft\PhotoImpression 5\PhotoImpression.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\PictureViewer.exe
Path REG_SZ C:\Program Files\QuickTime\
REG_SZ C:\Program Files\QuickTime\PictureViewer.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\pinball.exe
REG_SZ C:\Program Files\Windows NT\Pinball\pinball.exe
Path REG_SZ C:\Program Files\Windows NT\Pinball
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\PowerDVD
Path REG_SZ C:\Program Files\CyberLink\PowerDVD
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\QuickTimePlayer.exe
REG_SZ C:\Program Files\QuickTime\QuickTimePlayer.exe
Path REG_SZ C:\Program Files\QuickTime\
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\Rhapsody.exe
Path REG_SZ C:\Program Files\Comcast Rhapsody\
REG_SZ C:\Program Files\Comcast Rhapsody\rhapsody.exe
Version REG_SZ 4.0.5.337
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\rvsezm.exe
REG_SZ C:\Program Files\MSN Gaming Zone\Windows\rvsezm.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\sbase.exe
REG_SZ C:\Program Files\OpenOffice.org 3\program\sbase.exe
Path REG_SZ C:\Program Files\OpenOffice.org 3\
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\scalc.exe
REG_SZ C:\Program Files\OpenOffice.org 3\program\scalc.exe
Path REG_SZ C:\Program Files\OpenOffice.org 3\
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\sdraw.exe
REG_SZ C:\Program Files\OpenOffice.org 3\program\sdraw.exe
Path REG_SZ C:\Program Files\OpenOffice.org 3\
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\setup.exe
RunAsOnNonAdminInstall REG_DWORD 0x1
BlockOnTSNonInstallMode REG_DWORD 0x1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\shvlzm.exe
REG_SZ C:\Program Files\MSN Gaming Zone\Windows\shvlzm.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\simpress.exe
REG_SZ C:\Program Files\OpenOffice.org 3\program\simpress.exe
Path REG_SZ C:\Program Files\OpenOffice.org 3\
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\smath.exe
REG_SZ C:\Program Files\OpenOffice.org 3\program\smath.exe
Path REG_SZ C:\Program Files\OpenOffice.org 3\
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\soffice.exe
REG_SZ C:\Program Files\OpenOffice.org 3\program\soffice.exe
Path REG_SZ C:\Program Files\OpenOffice.org 3\
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\swriter.exe
REG_SZ C:\Program Files\OpenOffice.org 3\program\swriter.exe
Path REG_SZ C:\Program Files\OpenOffice.org 3\
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\table30.exe
UseShortName REG_SZ
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\unopkg.exe
REG_SZ C:\Program Files\OpenOffice.org 3\program\unopkg.exe
Path REG_SZ C:\Program Files\OpenOffice.org 3\
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\wab.exe
REG_EXPAND_SZ %ProgramFiles%\Outlook Express\wab.exe
Path REG_EXPAND_SZ %ProgramFiles%\Outlook Express
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\wabmig.exe
REG_EXPAND_SZ %ProgramFiles%\Outlook Express\wabmig.exe
Path REG_EXPAND_SZ %ProgramFiles%\Outlook Express
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\winnt32.exe
RunAsOnNonAdminInstall REG_DWORD 0x1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\WMPBurn.exe
REG_SZ C:\Program Files\Ahead\WMPBurn\WMPBurn.exe
Path REG_SZ C:\Program Files\Ahead\WMPBurn
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\wmplayer.exe
REG_SZ C:\Program Files\Windows Media Player\wmplayer.exe
Path REG_SZ C:\Program Files\Windows Media Player
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\WORDPAD.EXE
REG_EXPAND_SZ "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\WRITE.EXE
REG_EXPAND_SZ "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"
Mozilla
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions
jqs@sun.com REG_EXPAND_SZ C:\Program Files\Java\jre6\lib\deploy\jqs\ff
Shared Task Scheduler
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
{438755C2-A8BA-11D1-B96B-00A0C90312E1} REG_SZ Browseui preloader
{8C7461EF-2B13-11d2-BE35-3078302C2030} REG_SZ Component Categories cache daemon
SafeBoot
SafeBootMinimal
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmadmin
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmboot.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmio.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmload.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmserver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SRService
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
SafeBootNetwork
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmadmin
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmboot.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmio.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmload.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dmserver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ip6fw.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NtLmSsp
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpcdd.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpdd.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpwd.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sr.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SRService
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tdpipe.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tdtcp.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\termservice
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WZCSVC
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
File Rename Operations - Session
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\FileRenameOperations
Known DLLs - Session
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDlls
advapi32 REG_SZ advapi32.dll
comdlg32 REG_SZ comdlg32.dll
DllDirectory REG_EXPAND_SZ %SystemRoot%\system32
gdi32 REG_SZ gdi32.dll
imagehlp REG_SZ imagehlp.dll
kernel32 REG_SZ kernel32.dll
lz32 REG_SZ lz32.dll
ole32 REG_SZ ole32.dll
oleaut32 REG_SZ oleaut32.dll
olecli32 REG_SZ olecli32.dll
olecnv32 REG_SZ olecnv32.dll
olesvr32 REG_SZ olesvr32.dll
olethk32 REG_SZ olethk32.dll
rpcrt4 REG_SZ rpcrt4.dll
shell32 REG_SZ shell32.dll
url REG_SZ url.dll
urlmon REG_SZ urlmon.dll
user32 REG_SZ user32.dll
version REG_SZ version.dll
wininet REG_SZ wininet.dll
wldap32 REG_SZ wldap32.dll
Downloaded program files (ActiveX)
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}
PATH: C:\windows\Downloaded Program Files
FP_AX_CAB_INSTALLER.exe
jinstall-6u12.inf
muweb.inf
swflash.inf
Mountpoints
! REG.EXE VERSION 3.0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\A
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{09b44fc2-0273-11de-b03a-806d6172696f}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{09b44fc3-0273-11de-b03a-806d6172696f}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e3e1a252-0271-11de-ac52-806d6172696f}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC
Winlogon
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
AutoRestartShell REG_DWORD 0x1
DefaultDomainName REG_SZ OWNER-953AA3A1F
DefaultUserName REG_SZ Owner
LegalNoticeCaption REG_SZ
LegalNoticeText REG_SZ
PowerdownAfterShutdown REG_SZ 0
ReportBootOk REG_SZ 1
Shell REG_SZ Explorer.exe
ShutdownWithoutLogon REG_SZ 0
System REG_SZ
Userinit REG_SZ C:\WINDOWS\system32\userinit.exe,
VmApplet REG_SZ rundll32 shell32,Control_RunDLL "sysdm.cpl"
SfcQuota REG_DWORD 0xffffffff
allocatecdroms REG_SZ 0
allocatedasd REG_SZ 0
allocatefloppies REG_SZ 0
cachedlogonscount REG_SZ 10
forceunlocklogon REG_DWORD 0x0
passwordexpirywarning REG_DWORD 0xe
scremoveoption REG_SZ 0
AllowMultipleTSSessions REG_DWORD 0x1
UIHost REG_EXPAND_SZ logonui.exe
LogonType REG_DWORD 0x1
Background REG_SZ 0 0 0
DebugServerCommand REG_SZ no
SFCDisable REG_DWORD 0x0
WinStationsDisabled REG_SZ 0
HibernationPreviouslyEnabled REG_DWORD 0x1
ShowLogonOptions REG_DWORD 0x0
AltDefaultUserName REG_SZ Owner
AltDefaultDomainName REG_SZ OWNER-953AA3A1F
ChangePasswordUseKerberos REG_DWORD 0x1
LegalNotice Text REG_SZ
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Credentials
Windows Update
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\windowsupdate\auto update\results\install
LastSuccessTime REG_SZ 2011-05-31 12:06:44
LastError REG_DWORD 0x0
Security Software Information
*Note*: Some security software does not store itself in the WMI.
{END OF FILE}