Help - trying to remove BraveSentry etc

[StckFigure]

This'll take three posts, it looks like. I see lots of NOT FOUNDs, which is nice! I also see
**** PPTP Haxdoor FOUND by this tool! ****
CAREFULL HERE THIS WILL ALSO FIND WinLanMiniport

I don't know what the second part is.

Beyond that, my untrained eye isn't really sure what I'm looking for anyway, so here's the whole thing!

************************************************** **********************************
ISeeYouXP v2.0 Beta6

ISeeYouXP v1.3.0-v2.0 Beta6 Copyright - ShadowPuterDude
ISeeYouXP v1.2.9 and earlier Copyright - PhilliePhan
------------------------------------------------------------------------------------
**** PLEASE NOTE THAT MOST (if not ALL) OF THE ITEMS BELOW ARE NOT BADDIES! ****
**** PLEASE CONSULT A KNOWLEDGEABLE PERSON BEFORE TAKING ANY ACTION. ****
************************************************** **********************************

Windows OS is:

Microsoft Windows XP [Version 5.1.2600]
It's Thu May 17, 2007 05:05:33 PM

------------------------------------------------------------------------------------

ISeeYouXP installation folder and files

"C:\ISeeYouXP\"
change.log Apr 4 2007 3690 "change.log"
chodefix.bat Feb 21 2007 5214 "chodefix.bat"
egrep Dec 24 2004 35 "egrep"
fgrep Dec 24 2004 35 "fgrep"
fixexp~1.bat Feb 24 2007 487 "FixExplorerPolicies.bat"
getunk~1.bat Aug 12 2006 1478 "GetUnKeys.bat"
grep.exe Dec 24 2004 160768 "grep.exe"
hideit.bat Mar 31 2007 1114 "HideIT.bat"
iseeyo~1.bat Apr 7 2007 177450 "ISeeYouXP.bat"
libico~1.dll Mar 16 2004 898048 "libiconv2.dll"
libintl3.dll Oct 9 2004 101888 "libintl3.dll"
locate.com Jan 14 2005 11254 "locate.com"
ltime.exe Oct 28 1986 13184 "ltime.exe"
msconf~1.bat Feb 24 2007 578 "MSConfigFix.bat"
pcbutts.txt Mar 25 2007 5167 "PCBUTTS.TXT"
pcre.dll Nov 14 2004 183313 "pcre.dll"
regedi~1.bat Mar 30 2007 650 "RegEditFix.bat"
showit.bat Mar 31 2007 1055 "ShowIT.bat"
swreg.exe Apr 5 2007 139776 "swreg.exe"
system~1.bat Feb 28 2007 369 "SystemRestoreFix.bat"
taskmg~1.bat Feb 24 2007 288 "TaskMgrFix.bat"

21 items found: 21 files, 0 directories.
Total of file sizes: 1,705,841 bytes 1.63 M
3 Dir(s) 56,363,982,848 bytes free

------------------------------------------------------------------------------------

System Environment Variables

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Owner\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_02\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=EDDIE
ComSpec=C:\WINDOWS\system32\cmd.exe
errcode=0
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Owner
LOGONSERVER=\\EDDIE
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\Sys tem32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\Common Files\Ulead Systems\Mpeg;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Pinnacle\Shared Files;C:\Program Files\Pinnacle\Shared Files\Filter
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WS F;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=2f02
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.5.0_02\lib\ext\QTJava.zip
RoxioCentral=C:\Program Files\Common Files\Roxio Shared\Roxio Central\
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
TMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
USERDOMAIN=EDDIE
USERNAME=Owner
USERPROFILE=C:\Documents and Settings\Owner
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI

------------------------------------------------------------------------------------

Showing any Pocket Killbox backup files

No matches found.

------------------------------------------------------------------------------------

SYSTEM.INI:

[drivers]
wave=mmdrv.dll
timer=timer.drv
[mci]
[driver32]
[386enh]
woafont=dosapp.FON
EGA80WOA.FON=EGA80WOA.FON
EGA40WOA.FON=EGA40WOA.FON
CGA80WOA.FON=CGA80WOA.FON
CGA40WOA.FON=CGA40WOA.FON
[Windows]
load=

------------------------------------------------------------------------------------

WIN.INI:

; for 16-bit app support
[fonts]
[extensions]
[mci extensions]
[files]
[MCI Extensions.BAK]
aif=MPEGVideo
aifc=MPEGVideo
aiff=MPEGVideo
asf=MPEGVideo
asx=MPEGVideo
au=MPEGVideo
m1v=MPEGVideo
m3u=MPEGVideo
mp2=MPEGVideo
mp2v=MPEGVideo
mp3=MPEGVideo
mpa=MPEGVideo
mpe=MPEGVideo
mpeg=MPEGVideo
mpg=MPEGVideo
mpv2=MPEGVideo
snd=MPEGVideo
wax=MPEGVideo
wm=MPEGVideo
wma=MPEGVideo
wmv=MPEGVideo
wmx=MPEGVideo
wpl=MPEGVideo
wvx=MPEGVideo
[WAOL]
Installed=
AppPath=C:\Program Files\America Online 9.0
SharedPath=C:\Program Files\Common Files\AOLSHARE
[Status]
State=Running
[ActiveScan]
ID = {24D13F07-97AD-4E3D-BF12-277AEA90BD0E}
[netsock]
netapi.dll-VREKDD26FS-32b2=5505820
netapi.dll-IZALEN0-312e=5505820
[FISApp]
CLSID=462025A221786122ED8F30
[RAD Video Tools]
Path=C:\Documents and Settings\Owner\Desktop\2\Digital Book
BinkComp= /d650000 /m3.0 /l4 /p8
BinkMix=
SmackComp= /n250000 /m3.0 /l104 /v8
SmackMix=/l104
BinkPlay=
SmackPlay=
BinkConv= /n-1
X=100
Y=100
W=526
H=392
LastVersionCheckDate=2007-04-12
[FoxyTunesWMP]
MessageBoxAnswer=0

------------------------------------------------------------------------------------

LOG for Microsoft Windows Malicious Software Removal Tool:

---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v1.25, February 2007
Started On Sat Feb 17 00:24:46 2007

Results Summary:
----------------
No infection found.

Return code: 0
Microsoft Windows Malicious Software Removal Tool Finished On Sat Feb 17 00:25:03 2007


---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v1.27, March 2007
Started On Thu Mar 15 00:31:15 2007

Results Summary:
----------------
No infection found.

Return code: 0
Microsoft Windows Malicious Software Removal Tool Finished On Thu Mar 15 00:31:29 2007


---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v1.28, April 2007
Started On Thu Apr 12 23:44:02 2007

Results Summary:
----------------
No infection found.

Return code: 0
Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 12 23:44:18 2007


---------------------------------------------------------------------------------------

Microsoft Windows Malicious Software Removal Tool v1.29, May 2007
Started On Mon May 14 03:17:42 2007

Results Summary:
----------------
No infection found.

Return code: 0
Microsoft Windows Malicious Software Removal Tool Finished On Mon May 14 03:18:56 2007

----------------------------------------------------------------------------
Listing HKCU Explorer\Advanced//Hidden and SuperHidden Registry Keys
if Hidden = 0 then Hidden Files and Folders are not shown
if SuperHidden = 1 is the desired default value.
if ShowSuperHidden = 0 then System Files are not shown
if HideFileExt = 1 then File Extension are not shown
We want their values to be (from top to bottom) 1,1,1,0
----------------------------------------------------------------------------

HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\advanced
Hidden REG_DWORD 2 (0x2)
SuperHidden REG_DWORD 1 (0x1)
ShowSuperHidden REG_DWORD 1 (0x1)
HideFileExt REG_DWORD 1 (0x1)

************************************************** **********************************

Examining Select Windows Registry Keys
------------------------------------------------------------------------------------

--------------------------------------------------------------------------
Items Found in ZoneMap\Domains:
--------------------------------------------------------------------------



HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\internet settings\zonemap\domains
<NO NAME> REG_SZ

HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\internet settings\zonemap\domains\msn.com

----------------------------------------------------------------------------
Current User ZoneMap ProtocolDefaults
----------------------------------------------------------------------------



HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\internet settings\zonemap\protocoldefaults
<NO NAME> REG_SZ
http REG_DWORD 3 (0x3)
https REG_DWORD 3 (0x3)
ftp REG_DWORD 3 (0x3)
file REG_DWORD 3 (0x3)
@ivt REG_DWORD 1 (0x1)
shell REG_DWORD 0 (0x0)

----------------------------------------------------------------------------
Default URL Prefix Keys
----------------------------------------------------------------------------



HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\url

HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\url\DefaultPrefix
<NO NAME> REG_SZ http://

HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\url\Prefixes
ftp REG_SZ ftp://
gopher REG_SZ gopher://
home REG_SZ http://
mosaic REG_SZ http://
www REG_SZ http://

--------------------------------------------------------------------------
Startup Items Disabled via MSCONFIG:
--------------------------------------------------------------------------



HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services
UleadBurningHelper REG_DWORD 2 (0x2)
svcWRSSSDK REG_DWORD 2 (0x2)
RoxWatch REG_DWORD 2 (0x2)
RoxUpnpServer REG_DWORD 2 (0x2)
RoxUPnPRenderer REG_DWORD 3 (0x3)
RoxMediaDB REG_DWORD 3 (0x3)
RoxLiveShare REG_DWORD 2 (0x2)
AOL TopSpeedMonitor REG_DWORD 2 (0x2)
AOL ACS REG_DWORD 2 (0x2)
AFSEGTGF Windows Service REG_DWORD 2 (0x2)

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk
path REG_SZ C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup REG_SZ C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
location REG_SZ Common Startup
command REG_SZ C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE
item REG_SZ Adobe Reader Speed Launch

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BigFix.lnk
path REG_SZ C:\Documents and Settings\All Users\Start Menu\Programs\BigFix\BigFix.lnk
backup REG_SZ C:\WINDOWS\pss\BigFix.lnkCommon Startup
location REG_SZ Common Startup
command REG_SZ C:\PROGRA~1\BigFix\BigFix.exe /atstartup
item REG_SZ BigFix

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Cisco Systems VPN Client.lnk
path REG_SZ C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Cisco Systems VPN Client.lnk
backup REG_SZ C:\WINDOWS\pss\Cisco Systems VPN Client.lnkCommon Startup
location REG_SZ Common Startup
command REG_SZ C:\VPNCLI~1\vpngui.exe "-user_logon"
item REG_SZ Cisco Systems VPN Client

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^D-link AirPlus G DWL-G120 Wireless USB.lnk
path REG_SZ C:\Documents and Settings\All Users\Start Menu\Programs\D-link AirPlus G DWL-G120 Wireless USB\D-link AirPlus G DWL-G120 Wireless USB.lnk
backup REG_SZ C:\WINDOWS\pss\D-link AirPlus G DWL-G120 Wireless USB.lnkCommon Startup
location REG_SZ Common Startup
command REG_SZ C:\PROGRA~1\D-LINK~1\120UTIL.exe
item REG_SZ D-link AirPlus G DWL-G120 Wireless USB

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ
hkey REG_SZ HKLM
command REG_SZ
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ
hkey REG_SZ HKCU
command REG_SZ
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ AOL
hkey REG_SZ HKCU
command REG_SZ "C:\Program Files\America Online 9.0\AOL.EXE" -b
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Spyware Protection
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ AOLSP Scheduler
hkey REG_SZ HKLM
command REG_SZ "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ atiptaxx
hkey REG_SZ HKLM
command REG_SZ C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ ccApp
hkey REG_SZ HKLM
command REG_SZ "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotkey
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ zHotkey
hkey REG_SZ HKLM
command REG_SZ zHotkey.exe
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlPanel
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ cmd32
hkey REG_SZ HKLM
command REG_SZ C:\WINDOWS\system32\cmd32.exe internat.dll,LoadKeyboardProfile
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ ehtray
hkey REG_SZ HKLM
command REG_SZ C:\WINDOWS\ehome\ehtray.exe
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Explorer32
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ efsdfgxg
hkey REG_SZ HKLM
command REG_SZ C:\WINDOWS\system32\efsdfgxg.exe
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ AOLSoftware
hkey REG_SZ HKLM
command REG_SZ C:\Program Files\Common Files\AOL\1123358120\ee\AOLSoftware.exe
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ hpztsb07
hkey REG_SZ HKLM
command REG_SZ C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb0 7.exe
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon04
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ hphmon04
hkey REG_SZ HKLM
command REG_SZ C:\WINDOWS\system32\hphmon04.exe
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD04
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ hphupd04
hkey REG_SZ HKLM
command REG_SZ "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IS CfgWiz
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ cfgwiz
hkey REG_SZ HKLM
command REG_SZ C:\Program Files\Norton Internet Security\cfgwiz.exe /GUID {257BBC47-1B26-432e-9F84-188603799DD3} /MODE CfgWiz /CMDLINE "REBOOT"
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCAgentExe
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ mcagent
hkey REG_SZ HKLM
command REG_SZ c:\PROGRA~1\mcafee.com\agent\mcagent.exe
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCUpdateExe
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ mcupdate
hkey REG_SZ HKLM
command REG_SZ C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ msmsgs
hkey REG_SZ HKCU
command REG_SZ "C:\Program Files\Messenger\msmsgs.exe" /background
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ NeroCheck
hkey REG_SZ HKLM
command REG_SZ C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ PSDrvCheck
hkey REG_SZ HKLM
command REG_SZ C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlaxoUpdate
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ PlaxoHelper
hkey REG_SZ HKCU
command REG_SZ C:\Program Files\Plaxo\2.5.10.17\PlaxoHelper.exe -a
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ qttask
hkey REG_SZ HKLM
command REG_SZ "C:\Program Files\QuickTime\qttask.exe" -atboottime
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ RECGUARD
hkey REG_SZ HKLM
command REG_SZ %WINDIR%\SMINST\RECGUARD.EXE
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ Remind_XP
hkey REG_SZ HKLM
command REG_SZ %WINDIR%\Creator\Remind_XP.exe
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ PDVDServ
hkey REG_SZ HKLM
command REG_SZ "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ DrgToDsc
hkey REG_SZ HKLM
command REG_SZ "C:\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe"
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ RoxWatchTray
hkey REG_SZ HKLM
command REG_SZ "C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatchTray.exe"
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run
key REG_SZ SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
item REG_SZ services
hkey REG_SZ HKCU
command REG_SZ C:\WINDOWS\inet20099\services.exe
inimapping REG_SZ 1

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySheriff
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ SpySheriff
hkey REG_SZ HKCU
command REG_SZ C:\Program Files\SpySheriff\SpySheriff.exe
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSC_UserPrompt
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ UsrPrmpt
hkey REG_SZ HKLM
command REG_SZ C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StickIt
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ
hkey REG_SZ HKCU
command REG_SZ
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StickIt Note Launcher (Required to load StickIt notes on Windows startup)
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ StickItLauncher
hkey REG_SZ HKCU
command REG_SZ C:\Stickit\StickItLauncher.exe
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunKistEM
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ shwiconem
hkey REG_SZ HKLM
command REG_SZ C:\Program Files\Digital Media Reader\shwiconem.exe
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunServer
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ sunserver
hkey REG_SZ HKLM
command REG_SZ C:\CounterSpy\Consumer\sunserver.exe
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\URLLSTCK.exe
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ UrlLstCk
hkey REG_SZ HKLM
command REG_SZ C:\Program Files\Norton Internet Security\UrlLstCk.exe
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows installer
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ winstall
hkey REG_SZ HKCU
command REG_SZ C:\winstall.exe
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\xp_system
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ services
hkey REG_SZ HKLM
command REG_SZ C:\WINDOWS\inet20099\services.exe
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\_AntiSpyware
key REG_SZ SOFTWARE\Microsoft\Windows\CurrentVersion\Run
item REG_SZ MssCli
hkey REG_SZ HKLM
command REG_SZ C:\Program Files\McAfee\McAfee AntiSpyware\MssCli.exe
inimapping REG_SZ 0

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\state
system.ini REG_DWORD 0 (0x0)
win.ini REG_DWORD 0 (0x0)
bootini REG_DWORD 0 (0x0)
services REG_DWORD 2 (0x2)
startup REG_DWORD 2 (0x2)