========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
“cval” = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
“VistaSp1” = CE 37 E6 AF FF 6A CD 01 [binary data]
“AntiVirusOverride” = 0
“AntiSpywareOverride” = 0
“FirewallOverride” = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
“AutoUpdateDisableNotify” = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
“EnableFirewall” = 1
“DisableNotifications” = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
“EnableFirewall” = 1
“DisableNotifications” = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
“EnableFirewall” = 1
“DisableNotifications” = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
“{03F46F44-9E43-4BB2-B511-2F5220C1A50B}” = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
“{1012E374-0231-4538-BD04-BD7626A93434}” = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
“{11263CD8-F926-47A6-8F88-35EE9D793515}” = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
“{240C1D11-4FDA-4432-A20E-4D06B584616F}” = lport=10243 | protocol=6 | dir=in | app=system |
“{24163FF8-1C3A-431F-B577-C53FEE045609}” = lport=137 | protocol=17 | dir=in | app=system |
“{2A0E2DC6-EB18-4AB5-93FA-4FE12490E51F}” = lport=445 | protocol=6 | dir=in | app=system |
“{2B33A5CF-47C6-41FA-9381-308DD450DCF5}” = rport=137 | protocol=17 | dir=out | app=system |
“{48B60C31-9021-4932-B79D-3E90B0FCD6BF}” = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
“{554716A7-0688-4CAD-AD7C-572C1554AA2A}” = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
“{58DAA78F-CAFC-4339-9816-09E8452C3531}” = rport=139 | protocol=6 | dir=out | app=system |
“{61E525FF-DB2C-4E68-AF23-16A5FF2BE326}” = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
“{9BAAAEFE-CE18-4ACC-9E87-F6BF35B04035}” = rport=10243 | protocol=6 | dir=out | app=system |
“{A90950B0-9EB8-49B4-A5BF-A6A605966A32}” = rport=445 | protocol=6 | dir=out | app=system |
“{B10463FE-6E9E-4DA5-8297-E80F51ED0982}” = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
“{B118375C-9834-49FD-BD49-0C3B5DAA1632}” = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
“{C78978E9-0ADD-46F6-A1C8-C609ECE5B448}” = lport=2869 | protocol=6 | dir=in | app=system |
“{D79F444E-A8DB-411F-9961-5987608D5C44}” = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
“{E462AACB-C038-426D-BF3E-D2D109C33F43}” = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
“{E90E0028-63A3-4B4A-A6D0-BEB225E34266}” = lport=138 | protocol=17 | dir=in | app=system |
“{EFF24B2E-D792-4BD7-9FE6-85E790ACD4DE}” = rport=138 | protocol=17 | dir=out | app=system |
“{FDD905F6-5C0C-41BC-AA06-15AAFD563AAB}” = lport=139 | protocol=6 | dir=in | app=system