< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Unable to obtain MD5 | Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 22/10/2006 22:08:42 | Attr = ]
{AE7CD045-E861-484f-8273-0445EE161910} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [Adobe PDF Conversion Toolbar Helper] -> Unable to obtain MD5 | Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 29/03/2007 21:11:22 | Attr = ]
< Internet Explorer Bars [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ ->
{182EC0BE-5110-49C8-A062-BEB1D02A220B} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> Unable to obtain MD5 | Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 29/03/2007 21:11:22 | Attr = ]
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{47833539-D0C5-4125-9FA8-0819E2EAAC93} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> Unable to obtain MD5 | Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 29/03/2007 21:11:22 | Attr = ]
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> Unable to obtain MD5 | Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 29/03/2007 21:11:22 | Attr = ]
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-299502267-963894560-725345543-1003\] > -> HKEY_USERS\S-1-5-21-299502267-963894560-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [Adobe PDF] -> Unable to obtain MD5 | Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 29/03/2007 21:11:22 | Attr = ]
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
Append to existing PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Unable to obtain MD5 | Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 29/03/2007 21:11:22 | Attr = ]
Convert link target to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Unable to obtain MD5 | Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 29/03/2007 21:11:22 | Attr = ]
Convert link target to existing PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Unable to obtain MD5 | Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 29/03/2007 21:11:22 | Attr = ]
Convert selected links to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Unable to obtain MD5 | Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 29/03/2007 21:11:22 | Attr = ]
Convert selected links to existing PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Unable to obtain MD5 | Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 29/03/2007 21:11:22 | Attr = ]
Convert selection to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Unable to obtain MD5 | Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 29/03/2007 21:11:22 | Attr = ]
Convert selection to existing PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Unable to obtain MD5 | Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 29/03/2007 21:11:22 | Attr = ]
Convert to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Unable to obtain MD5 | Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 29/03/2007 21:11:22 | Attr = ]
< Internet Explorer Menu Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\ ->
E&xport to Microsoft Excel -> %SystemDrive%\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE -> File not found
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\ ->
E&xport to Microsoft Excel -> %SystemDrive%\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE -> File not found
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-299502267-963894560-725345543-1003\] > -> HKEY_USERS\S-1-5-21-299502267-963894560-725345543-1003\Software\Microsoft\Internet Explorer\MenuExt\ ->
Append to existing PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Unable to obtain MD5 | Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 29/03/2007 21:11:22 | Attr = ]
Convert link target to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Unable to obtain MD5 | Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 29/03/2007 21:11:22 | Attr = ]
Convert link target to existing PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Unable to obtain MD5 | Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 29/03/2007 21:11:22 | Attr = ]
Convert selected links to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Unable to obtain MD5 | Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 29/03/2007 21:11:22 | Attr = ]
Convert selected links to existing PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Unable to obtain MD5 | Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 29/03/2007 21:11:22 | Attr = ]
Convert selection to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Unable to obtain MD5 | Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 29/03/2007 21:11:22 | Attr = ]
Convert selection to existing PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Unable to obtain MD5 | Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 29/03/2007 21:11:22 | Attr = ]
Convert to Adobe PDF -> %ProgramFiles%\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll -> Unable to obtain MD5 | Adobe Systems Incorporated [Ver = 8.1.0.0 | Size = 321120 bytes | Modified Date = 29/03/2007 21:11:22 | Attr = ]
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage ->
http://activex.micro...d...=%s&mime=%s ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{26B337AB-AA70-4EEF-844C-3A6E6451F64B} -> (Sony Ericsson Device 069 USB Ethernet Emulation (NDIS 5)) ->
{28BBBB4A-B713-49CE-BAC4-AABA146F0A0D} -> (1394 Net Adapter) ->
{502D1DA0-4EF1-4132-A23C-B9F465B4B72A} -> () ->
{765DACF6-5B75-41A0-B3BD-42C491C94C85} -> (Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC) ->
< Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ ->
NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -> %ProgramFiles%\Bonjour\mdnsNSP.dll -> MD5 = 1F5A570AD942DFCFE4500326ABDD72B2 | Apple Computer, Inc. [Ver = 1,0,3,1 | Size = 94208 bytes | Modified Date = 28/02/2006 11:42:30 | Attr = ]
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
msdaipp: [HKEY_LOCAL_MACHINE] -> No CLSID value
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{001EE746-A1F9-460E-80AD-269E088D6A01}[HKEY_LOCAL_MACHINE] ->
http://site.ebrary.c...s/ebraryRdr.cab[Infotl Control] ->
{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75}[HKEY_LOCAL_MACHINE] ->
http://www.kaspersky...can_unicode.cab[CKAVWebScan Object] ->
{A90A5822-F108-45AD-8482-9BC8B12DD539}[HKEY_LOCAL_MACHINE] ->
http://crucial.com/c.../cpcScanner.cab[Crucial cpcScan] ->
{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876}[HKEY_LOCAL_MACHINE] ->
http://support.f-sec...m/ols/fscax.cab[F-Secure Online Scanner 3.3] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] ->
http://fpdownload2.m...ash/swflash.cab[Shockwave Flash Object] ->
[Registry - Additional Scans - Non-Microsoft Only]
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.bat [@ = batfile] -> -> File not found
.cmd [@ = cmdfile] -> -> File not found
.com [@ = comfile] -> -> File not found
.exe [@ = exefile] -> -> File not found
.html [@ = htmlfile] -> %ProgramFiles%\Avant Browser\avant.exe -> MD5 = 649079F7FD1EDC8890627C1A0E23AA9F | [Ver = 11.5.0.0 | Size = 1413632 bytes | Modified Date = 27/09/2007 06:19:02 | Attr = ]
.url [@ = InternetShortcut] -> %ProgramFiles%\Avant Browser\avant.exe -> MD5 = 649079F7FD1EDC8890627C1A0E23AA9F | [Ver = 11.5.0.0 | Size = 1413632 bytes | Modified Date = 27/09/2007 06:19:02 | Attr = ]
.pif [@ = piffile] -> -> File not found
.scr [@ = scrfile] -> -> File not found
< Security Settings > -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Type -> 32 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Start -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ErrorControl -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%SystemRoot%\system32\svchost.exe -k netsvcs] -> MD5 = 8F078AE4ED187AAABC0A305146DE6716 | Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 03/08/2004 23:56:58 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DisplayName -> Background Intelligent Transfer Service ->
*DependOnService* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DependOnService ->
RpcSs -> %SystemRoot%\system32\rpcss.dll -> MD5 = B1CD945981445A170ECC710E8A0EC688 | Microsoft Corporation [Ver = 5.1.2600.3124 (xpsp_sp2_qfe.070423-0026) | Size = 399360 bytes | Modified Date = 20/09/2007 04:49:14 | Attr = ]
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DependOnGroup -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ObjectName -> LocalSystem ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Description -> Transfers data between clients and servers in the background. If BITS is disabled, features such as Windows Update will not work correctly. ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\FailureActions -> (binary data) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\\ServiceDll -> C:\WINDOWS\system32\qmgr.dll [%systemroot%\system32\qmgr.dll] -> MD5 = 17A0D43C80DB5348759C649835A78CFC | Microsoft Corporation [Ver = 6.7.2600.3143 (xpsp_sp2_qfe.070524-0110) | Size = 408064 bytes | Modified Date = 20/09/2007 04:49:13 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\\Security -> (binary data) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\0 -> Root\LEGACY_BITS\0000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\Count -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\NextInstance -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Windows Firewall/Internet Connection Sharing (ICS) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%SystemRoot%\System32\svchost.exe -k netsvcs] -> MD5 = 8F078AE4ED187AAABC0A305146DE6716 | Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 03/08/2004 23:56:58 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 11477 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> C:\WINDOWS\system32\ipnathlp.dll [%SystemRoot%\System32\ipnathlp.dll] -> MD5 = 36CC8C01B5E50163037BEF56CB96DEFF | Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 331264 bytes | Modified Date = 03/08/2004 23:56:44 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> MD5 = CEBED017C4965FC4407CCD986AE0A528 | Microsoft Corporation [Ver = 5.1.2600.3012 (xpsp.061010-0355) | Size = 557568 bytes | Modified Date = 20/09/2007 04:35:23 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> MD5 = 729798E0933076B8FCFCD9934698F164 | Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 03/08/2004 23:56:58 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\msnmsgr.exe -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> MD5 = A8972A2F9A744DD5EE0BFE429D767F1C | Microsoft Corporation [Ver = 8.5.1302.1018 | Size = 5724184 bytes | Modified Date = 18/10/2007 11:34:02 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\livecall.exe -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> MD5 = 16E7ED9A3DF83B1AC399DF4F31B21DB9 | Microsoft Corporation [Ver = 1.5.204.0 | Size = 304488 bytes | Modified Date = 02/10/2007 17:18:24 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\139:TCP -> 139:TCP:*:Enabled:@xpsp2res.dll,-22004 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\445:TCP -> 445:TCP:*:Enabled:@xpsp2res.dll,-22005 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\137:UDP -> 137:UDP:*:Enabled:@xpsp2res.dll,-22001 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\138:UDP -> 138:UDP:*:Enabled:@xpsp2res.dll,-22002 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\1900:UDP -> 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\2869:TCP -> 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DoNotAllowExceptions -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DisableNotifications -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> MD5 = CEBED017C4965FC4407CCD986AE0A528 | Microsoft Corporation [Ver = 5.1.2600.3012 (xpsp.061010-0355) | Size = 557568 bytes | Modified Date = 20/09/2007 04:35:23 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> MD5 = 729798E0933076B8FCFCD9934698F164 | Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 03/08/2004 23:56:58 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -> C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server] -> MD5 = 14C23516C990DCD6052152CF034DDE40 | Adobe Systems Incorporated [Ver = 3, 0, 0, 0 | Size = 153792 bytes | Modified Date = 20/03/2007 15:41:24 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Avant Browser\avant.exe -> C:\Program Files\Avant Browser\avant.exe [C:\Program Files\Avant Browser\avant.exe:*:Enabled:Avant Browser] -> MD5 = 649079F7FD1EDC8890627C1A0E23AA9F | [Ver = 11.5.0.0 | Size = 1413632 bytes | Modified Date = 27/09/2007 06:19:02 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Sorenson Media\Sorenson Squeeze\Squeeze.exe -> C:\Program Files\Sorenson Media\Sorenson Squeeze\Squeeze.exe [C:\Program Files\Sorenson Media\Sorenson Squeeze\Squeeze.exe:*:Enabled:Squeeze Application] -> MD5 = 396F0D206DFA72B78BD8184EB98CF7FA | Sorenson Media Inc. [Ver = 4, 2, 301, 6 | Size = 2940928 bytes | Modified Date = 16/09/2005 09:37:58 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\InterVideo\DVD8\WinDVD.exe -> C:\Program Files\InterVideo\DVD8\WinDVD.exe [C:\Program Files\InterVideo\DVD8\WinDVD.exe:*:Enabled:WinDVD] -> MD5 = AB401EA7E5500DEA63671546AFE4ECBF | InterVideo Inc. [Ver = 8.0.6.109 | Size = 726552 bytes | Modified Date = 05/02/2007 17:33:18 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Adobe\Adobe After Effects CS3\Support Files\AfterFX.exe -> C:\Program Files\Adobe\Adobe After Effects CS3\Support Files\AfterFX.exe [C:\Program Files\Adobe\Adobe After Effects CS3\Support Files\AfterFX.exe:*:Enabled:Adobe After Effects CS3] -> MD5 = 5A0E113790707351FCAE4A36BCBF2DC5 | Adobe Systems Incorporated [Ver = 8.0 | Size = 177664 bytes | Modified Date = 29/04/2007 03:40:44 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE -> C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook] -> MD5 = 0F96A34D03D6DE3A4EBF5E34A4F71DD7 | Microsoft Corporation [Ver = 12.0.6300.5000 | Size = 12829216 bytes | Modified Date = 12/12/2007 23:56:18 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Office\Office12\GROOVE.EXE -> C:\Program Files\Microsoft Office\Office12\GROOVE.EXE [C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove] -> MD5 = F7351DE406289F3A2FC6E0586A24082F | Microsoft Corporation [Ver = 12.0.4518.1014 | Size = 338216 bytes | Modified Date = 27/10/2006 15:37:44 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE -> C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE [C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote] -> MD5 = C6408B67C2DBD2158E189E1C9C894925 | Microsoft Corporation [Ver = 12.0.4518.1014 | Size = 1018664 bytes | Modified Date = 27/10/2006 15:03:04 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\William Hill Poker\UA.exe -> C:\Program Files\William Hill Poker\UA.exe [C:\Program Files\William Hill Poker\UA.exe:*:Enabled:UA Application] -> MD5 = BDC2EF7F14820BDE3F68B8A78C97188A | [Ver = 5, 0, 0, 0 | Size = 18944 bytes | Modified Date = 24/08/2005 16:28:18 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\msnmsgr.exe -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> MD5 = A8972A2F9A744DD5EE0BFE429D767F1C | Microsoft Corporation [Ver = 8.5.1302.1018 | Size = 5724184 bytes | Modified Date = 18/10/2007 11:34:02 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\livecall.exe -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> MD5 = 16E7ED9A3DF83B1AC399DF4F31B21DB9 | Microsoft Corporation [Ver = 1.5.204.0 | Size = 304488 bytes | Modified Date = 02/10/2007 17:18:24 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\3703:TCP -> 3703:TCP:*:Enabled:Adobe Version Cue CS3 Server ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\3704:TCP -> 3704:TCP:*:Enabled:Adobe Version Cue CS3 Server ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\50900:TCP -> 50900:TCP:*:Enabled:Adobe Version Cue CS3 Server ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\50901:TCP -> 50901:TCP:*:Enabled:Adobe Version Cue CS3 Server ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\139:TCP -> 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\445:TCP -> 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\137:UDP -> 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\138:UDP -> 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\1900:UDP -> 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\2869:TCP -> 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\All -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\0 -> Root\LEGACY_SHAREDACCESS\0000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%systemroot%\system32\svchost.exe -k netsvcs] -> MD5 = 8F078AE4ED187AAABC0A305146DE6716 | Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 03/08/2004 23:56:58 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Automatic Updates ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site. ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> C:\WINDOWS\system32\wuauserv.dll [C:\WINDOWS\system32\wuauserv.dll] -> MD5 = D29AD7484B98279ED21877DE051A180F | Microsoft Corporation [Ver = 7.0.6000.381 (winmain(wmbla).070730-1740) | Size = 25944 bytes | Modified Date = 20/09/2007 04:49:32 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security -> (binary data) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\0 -> Root\LEGACY_WUAUSERV\0000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 ->
< Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Adobe Acrobat\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Adobe Acrobat\8.0\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Adobe Acrobat\8.0\FeatureLockDown\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Adobe Acrobat\8.0\FeatureLockDown\cDefaultExecMenuItems\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Adobe Acrobat\8.0\FeatureLockDown\cDefaultExecMenuItems\\tWhiteList -> Close|GeneralInfo|Quit|FirstPage|PrevPage|NextPage|LastPage|ActualSize|FitPage|F
itWidth|FitHeight|SinglePage|OneColumn|TwoPages|TwoColumns|ZoomViewIn|ZoomViewOut
|ShowHideBookmarks|ShowHideThumbnails|Print|GoToPage|ZoomTo|GeneralPrefs|SaveAs|F
ullScreen|OpenOrganizer|Scan|Web2PDF:OpnURL|AcroSendMail:SendMail|Spelling:Check Spelling|PageSetup|Find|FindSearch|GoBack|GoForward|FitVisible|ShowHideToolbarEd
iting|ShowHideToolbarCommenting|ShowHideToolbarEdit|ShowHideToolbarFile|ShowHideT
oolbarFind|ShowHideToolbarForms|ShowHideToolbarMeasuring|ShowHideToolbarData|Show
HideToolbarPageDisplay|ShowHideToolbarNavigation|ShowHideToolbarPrintProduction|S
howHideToolbarRedaction|ShowHideToolbarBasicTools|ShowHideToolbarTasks|ShowHideTo
olbarTypewriter|PropertyToolbar|ShowHideArticles|ShowHideFileAttachment|ShowHideA
nnotManager|ShowHideFields|ShowHideOptCont|ShowHideModelTree|ShowHideSignatures|I
nsertPages|ExtractPages|ReplacePages|DeletePages|CropPages|RotatePages|AddFileAtt
achment|FindCurrentBookmark|BookmarkShowLocation|GoBackDoc|GoForward|DocHelpUserG
uide|HelpReader ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Adobe Acrobat\8.0\FeatureLockDown\cDefaultLaunchAttachmentPerms\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Adobe Acrobat\8.0\FeatureLockDown\cDefaultLaunchAttachmentPerms\\tBuiltInPermList -> version:1|.ade:3|.adp:3|.app:3|.asp:3|.bas:3|.bat:3|.bz:3|.bz2:3|.chm:3|.class:3
|.cmd:3|.com:3|.command:3|.cpl:3|.crt:3|.csh:3|.desktop:3|.exe:3|.fxp:3|.gz:3|.he
x:3|.hlp:3|.hqx:3|.hta:3|.inf:3|.ini:3|.ins:3|.isp:3|.its:3|.job:3|.js:3|.jse:3|.
ksh:3|.lnk:3|.lzh:3|.mad:3|.maf:3|.mag:3|.mam:3|.maq:3|.mar:3|.mas:3|.mat:3|.mau:
3|.mav:3|.maw:3|.mda:3|.mde:3|.mdt:3|.mdw:3|.mdz:3|.msc:3|.msi:3|.msp:3|.mst:3|.o
cx:3|.ops:3|.pcd:3|.pi:3|.pif:3|.prf:3|.prg:3|.pst:3|.rar:3|.reg:3|.scf:3|.scr:3|
.sct:3|.sea:3|.shb:3|.shs:3|.sit:3|.tar:3|.tgz:3|.tmp:3|.url:3|.vb:3|.vbe:3|.vbs:
3|.vsmacros:3|.vss:3|.vst:3|.vsw:3|.webloc:3|.ws:3|.wsc:3|.wsf:3|.wsh:3|.zip:3|.z
lo:3|.zoo:3|.pdf:2|.fdf:2 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Adobe Acrobat\8.0\FeatureLockDown\cDefaultLaunchURLPerms\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Adobe\Adobe Acrobat\8.0\FeatureLockDown\cDefaultLaunchURLPerms\\tSchemePerms -> version:1|shell:3|hcp:3|ms-help:3|ms-its:3|ms-itss:3|its:3|mk:3|mhtml:3|help:3|disk:3|afp:3|disks:3|telnet:3|ssh:3|acrobat:2|m
ailto:2|file:1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Conferencing\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Messenger\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Messenger\Client\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Messenger\Client\\PreventRun -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Messenger\Client\\PreventAutoRun -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\\DisableServerCheck -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\\LegacyPresence -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\CertificatePolicy\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\PortRange\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Installer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Installer\\EnableAdminTSRemote -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\ -> ->
*ExecutableTypes* -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\ExecutableTypes ->
ADE -> -> File not found
ADP -> -> File not found
BAS -> -> File not found
BAT -> -> File not found
CHM -> -> File not found
CMD -> %SystemRoot%\system32\cmd.exe -> MD5 = EEB024F2C81F0D55936FB825D21A91D6 | Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 388608 bytes | Modified Date = 03/08/2004 23:56:50 | Attr = ]
COM -> -> File not found
CPL -> -> File not found
CRT -> -> File not found
EXE -> -> File not found
HLP -> -> File not found
HTA -> -> File not found
INF -> -> File not found
INS -> -> File not found
ISP -> -> File not found
LNK -> -> File not found
MDB -> -> File not found
MDE -> -> File not found
MSC -> -> File not found
MSI -> %SystemRoot%\system32\msi.dll -> MD5 = 4E7153D034734EABE2FF3CED0A480C0B | Microsoft Corporation [Ver = 3.1.4000.4104 | Size = 2854912 bytes | Modified Date = 20/09/2007 04:49:02 | Attr = ]
MSP -> -> File not found
MST -> -> File not found
OCX -> -> File not found
PCD -> -> File not found
PIF -> -> File not found
REG -> %SystemRoot%\system32\reg.exe -> MD5 = 3F1DF5D22C775B5E5DE561755FA9AB55 | Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 50176 bytes | Modified Date = 03/08/2004 23:56:56 | Attr = ]
SCR -> -> File not found
SHS -> -> File not found
URL -> %SystemRoot%\system32\url.dll -> MD5 = 139FC10D8726541433DCA4E3A788FFDE | Microsoft Corporation [Ver = 7.00.6000.20733 (vista_ldr.071204-1500) | Size = 105984 bytes | Modified Date = 07/12/2007 02:01:13 | Attr = ]
VB -> -> File not found
WSC -> -> File not found
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\TransparentEnabled -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\DefaultLevel -> 262144 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\AuthenticodeEnabled -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\PolicyScope -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\Description -> Stop the download of this file ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\FriendlyName -> Mdac11.cab ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\SaferFlags -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\HashAlg -> 32771 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\ItemData -> (binary data) ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\LastModified -> ->
*ItemSize* -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\ItemSize ->
̋ -> -> File not found
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\Description -> Stop the download of this file ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\FriendlyName -> mdac20.cab ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\SaferFlags -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\HashAlg -> 32771 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\ItemData -> (binary data) ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\LastModified -> ->
*ItemSize* -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\ItemSize ->
ȅ -> -> File not found
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\Description -> Stop the download of this file ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\FriendlyName -> mdac20_a.cab ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\SaferFlags -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\HashAlg -> 32771 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\ItemData -> (binary data) ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\LastModified -> ->
*ItemSize* -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\ItemSize ->
Ζ -> -> File not found
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\Description -> Stop the download of this file ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\FriendlyName -> _msadc10.cab ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\SaferFlags -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\HashAlg -> 32771 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\ItemData -> (binary data) ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\LastModified -> ->
*ItemSize* -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\ItemSize ->
å -> -> File not found
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\Description -> Stop the download of this file ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\FriendlyName -> msadc11.cab ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\SaferFlags -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\HashAlg -> 32771 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\ItemData -> (binary data) ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\LastModified -> ->
*ItemSize* -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\ItemSize ->
Ų -> -> File not found
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\Description -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\SaferFlags -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\ItemData -> %HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache%OLK* ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\LastModified -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\WindowsUpdate\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\WindowsUpdate\AU\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows NT\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\WindowsFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\WindowsFirewall\DomainProfile\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\WindowsFirewall\StandardProfile\ -> ->
< Software Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\policies\ ->
HKEY_CURRENT_USER\Software\Policies\ -> ->
HKEY_CURRENT_USER\Software\Policies\Microsoft\ -> ->
HKEY_CURRENT_USER\Software\Policies\Microsoft\ConferencingRTC\ -> ->
HKEY_CURRENT_USER\Software\Policies\Microsoft\ConferencingRTC\{A5B45060-354F-4097-A928-5125436C46F1}\ -> ->
HKEY_CURRENT_USER\Software\Policies\Microsoft\ConferencingRTC\{A5B45060-354F-4097-A928-5125436C46F1}\Software\ -> ->
HKEY_CURRENT_USER\Software\Policies\Microsoft\ConferencingRTC\{A5B45060-354F-4097-A928-5125436C46F1}\Software\Policies\ -> ->
HKEY_CURRENT_USER\Software\Policies\Microsoft\ConferencingRTC\{A5B45060-354F-4097-A928-5125436C46F1}\Software\Policies\Microsoft\ -> ->
HKEY_CURRENT_USER\Software\Policies\Microsoft\ConferencingRTC\{A5B45060-354F-4097-A928-5125436C46F1}\Software\Policies\Microsoft\Conferencing\ -> ->
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\ -> ->
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\\Windows Update Menu Text -> Microsoft Update ->
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ -> ->
HKEY_CURRENT_USER\Software\Policies\Microsoft\Messenger\ -> ->
HKEY_CURRENT_USER\Software\Policies\Microsoft\Messenger\Client\ -> ->
HKEY_CURRENT_USER\Software\Policies\Microsoft\Messenger\Client\\PreventRun -> 0 ->
HKEY_CURRENT_USER\Software\Policies\Microsoft\Messenger\Client\\PreventAutoRun -> 0 ->
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\ -> ->
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\AppCompat\ -> ->
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System\ -> ->
< Software Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\policies\ ->
HKEY_USERS\.DEFAULT\Software\Policies\ -> ->
HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\ -> ->
HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\ -> ->
HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\\Windows Update Menu Text -> Microsoft Update ->
< Software Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\policies\ ->
HKEY_USERS\S-1-5-18\Software\Policies\ -> ->
HKEY_USERS\S-1-5-18\Software\Poli