
Thread: First Scan - what's safe to exclude?

  1. #1
    Junior Member
    Join Date
    Jul 2007
    Posts
    1

    First Scan - what's safe to exclude?

    Hi folks - Just ran SD and came upon these. Most seem like legit Microsoft Windows entries that will be safe to exclude - the only thing worrisome is "Zip Genius". Please let me know if you think it is safe to exclude these from further searches. Thanks very much!!!

    *********************************

    --- Search result list ---
    Microsoft.WindowsSecurityCenter.AntiVirusDisableNotify: Settings (Registry change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0

    Microsoft.WindowsSecurityCenter.FirewallDisableNotify: Settings (Registry change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify!=dword:0

    Microsoft.WindowsSecurityCenter.UpdateDisableNotify: Settings (Registry change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify!=dword:0

    Log: Activity: SchedLgU.Txt (Backup file, nothing done)
    C:\WINDOWS\SchedLgU.Txt

    Log: Shutdown: System32\wbem\logs\wmiprov.log (Backup file, nothing done)
    C:\WINDOWS\System32\wbem\logs\wmiprov.log

    Internet Explorer: User agent (Registry change, nothing done)
    HKEY_USERS\S-1-5-21-1454471165-179605362-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent!=Mozilla/4.0 (compatible; MSIE; Win32)

    MS Media Player: Application data file (global) () (File, nothing done)
    C:\Documents and Settings\All Users\Application Data\Microsoft\Media Index\wmplibrary_v_0_12.db

    MS Media Player: Search terms history (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-1454471165-179605362-1801674531-1004\Software\Microsoft\MediaPlayer\AutoComplete\MediaSearch

    MS Media Player: Anonymous ID (Registry change, nothing done)
    HKEY_USERS\S-1-5-21-1454471165-179605362-1801674531-1004\Software\Microsoft\MediaPlayer\Preferences\SendUserGUID!=B=0

    MS DirectDraw: Most recent application (Registry change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name!=

    MS Office 11.0 (Picture Manager): Last selected folder (Registry value, nothing done)
    HKEY_USERS\S-1-5-21-1454471165-179605362-1801674531-1004\Software\Microsoft\Office\11.0\OIS\Options\LastTreeSelection

    MS Search Assistant: Typed search terms history (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-1454471165-179605362-1801674531-1004\Software\Microsoft\Search Assistant\ACMru

    Windows.OpenWith: Open with list - .BMP extension (8 files) (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-1454471165-179605362-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList

    Windows.OpenWith: Open with list - .CSH extension (2 files) (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-1454471165-179605362-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSH\OpenWithList

    Windows.OpenWith: Open with list - .CSV extension (3 files) (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-1454471165-179605362-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList

    Windows Explorer: Recent wallpaper list (247 files) (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-1454471165-179605362-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\Wallpaper\MRU

    Windows Explorer: User Assistant history IE (1 files) (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-1454471165-179605362-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

    Windows Explorer: User Assistant history files (1 files) (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-1454471165-179605362-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

    Windows Explorer: Last Copy/MoveTo folder (Registry value, nothing done)
    HKEY_USERS\S-1-5-21-1454471165-179605362-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\CopyMoveTo\LastFolder

    Windows Media SDK: Computer name (Registry change, nothing done)
    HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\ComputerName!=ComputerName

    Windows Media SDK: Computer name (Registry change, nothing done)
    HKEY_USERS\S-1-5-21-1454471165-179605362-1801674531-1004\Software\Microsoft\Windows Media\WMSDK\General\ComputerName!=ComputerName

    Windows Media SDK: Computer name (Registry change, nothing done)
    HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\ComputerName!=ComputerName

    Windows Media SDK: Unique ID (Registry change, nothing done)
    HKEY_USERS\S-1-5-21-1454471165-179605362-1801674531-1004\Software\Microsoft\Windows Media\WMSDK\General\UniqueID!={00000000-0000-0000-0000-000000000000}

    Windows Media SDK: Volume serial number (Registry value, nothing done)
    HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

    Windows Media SDK: Volume serial number (Registry value, nothing done)
    HKEY_USERS\S-1-5-21-1454471165-179605362-1801674531-1004\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

    Windows Media SDK: Volume serial number (Registry value, nothing done)
    HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

    ZipGenius 5: Last opened folder (Registry change, nothing done)
    HKEY_USERS\S-1-5-21-1454471165-179605362-1801674531-1004\Software\M.Dev Software\ZG5\LastDir!=

    ZipGenius 5: Recent file list (3 files) (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-1454471165-179605362-1801674531-1004\Software\M.Dev Software\ZG5\MRU Items

    ZipGenius 5: Last extraction folder (Registry change, nothing done)
    HKEY_USERS\S-1-5-21-1454471165-179605362-1801674531-1004\Software\M.Dev Software\ZG5\TExtrForm\de1_Text!=

  2. #2
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Hi califlefty

    Actually it's safe to exclude all of those.

    Most of them are just MRU (Most Recently Used) lists.
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006
