Jaa


Office Environment Assessment Tool (OEAT) user's guide for Office 2010

 

Applies to: Office 2010

Topic Last Modified: 2011-08-29

Banner stating end of support date for Office 2010 with link to more info

This user’s guide for the Office Environment Assessment Tool (OEAT) will help you work successfully with OEAT. Before you use this guide, we recommend that you perform the planning steps described in Office 2010 application compatibility guide and that you are ready to run OEAT to scan your organization’s client computers for add-ins and applications that interact with Microsoft Office.

A new version of OEAT is available as of July 2011. To download the Update 1 version of OEAT, see Office 2010 Tool: Office Environment Assessment Tool (https://go.microsoft.com/fwlink/p/?linkid=171092).

In this article:

  • About OEAT

  • What’s new in OEAT

  • OEAT requirements

  • Deploying OEAT

  • Working with OEAT data

  • Troubleshooting OEAT errors

  • Appendix

About OEAT

OEAT is a free downloadable executable (.exe) file that scans client computers for add-ins and applications that interact with Microsoft Office 97, Microsoft Office 2000, Microsoft Office XP, Microsoft Office 2003, the 2007 Microsoft Office system, and Microsoft Office 2010. You use OEAT during the assessment phase of your application compatibility and remediation project, which is described in detail in Office 2010 application compatibility guide. The following figure shows how OEAT fits into the overall process of assessing application compatibility.

Flowchart showing OEAT in the assessment process

OEAT detects add-ins and applications by using the following two methods:

  • OEAT checks a predetermined list of folders and registry locations on each client computer for the presence of add-ins that are used for Microsoft Outlook, Microsoft Word, Microsoft Excel, and Microsoft PowerPoint. The add-in types include Automation add-ins, COM add-ins, VBA add-ins, and application-level add-ins created by using Visual Studio.

  • Optionally, OEAT runs a passive scan against client computers to monitor for applications that call Office APIs. The passive scan works by enabling auditing on certain registry keys (over a configurable period of hours or days) that are used when Office APIs are called. Based on this auditing, OEAT can determine which applications are calling Office APIs. This includes each executable name and version, and the date and time that the executable was run. When the auditing period is complete, OEAT disables auditing on the registry keys.

You can customize how OEAT runs by using a built-in wizard to generate a settings file (Settings.xml). The options include whether to run a passive scan, whether to scan the client computer silently (with no user interaction), and the UNC path or local path where the scan results are saved. You deploy Settings.xml together with OEAT.exe, either in a central shared folder or deployed to individual client computers by using products such as Microsoft Systems Management Server (SMS) or Microsoft System Center Configuration Manager. You can also deploy an execution script (based on sample that is provided later in this article) to automate invoking the command-line version of OEAT from each client computer.

For each client computer that is scanned, OEAT generates a uniquely named .xml file that contains details about add-ins and applications that are detected, and also system information about each client computer, such as drive space, memory, and the versions of Office and Windows that are installed. OEAT can save each .xml file to a central shared folder, or you can use System Center Configuration Manager to collect .xml files saved on each client computer.

When all client scans are complete, you can use a function within OEAT to compile the .xml scan results for each client computer into an Microsoft Excel spreadsheet. As part of this compilation, OEAT can compare the discovered add-ins and applications against the list of compatible add-ins that are tracked by the Microsoft Independent Software Vendor (ISV) Application Compatibility Visibility Program. You can then use the resulting spreadsheet to analyze and prioritize add-ins and applications for testing and remediation.

What’s new in OEAT

OEAT has been updated as of July 2011. The Update 1 version is available at the Microsoft Download Center (https://go.microsoft.com/fwlink/p/?linkid=171092).

The following fixes and enhancements are available in this release:

  • Passive scanning works in all languages.

  • Scan result files are named by using a GUID instead of a MAC address. This change eliminates naming conflicts that can occur in some environments.

  • When compiling scan results on a computer that does not have Internet access, OEAT can use a local copy of the vendors list (vendors.xml) that has been downloaded from another computer.

Important

Scan result files that are generated by the previous version of OEAT are not compatible with the newly released version. You must scan clients by using the new version of OEAT.

OEAT requirements

This section describes the requirements for running OEAT for scanning client computers and for managing the resulting data.

Requirements for scanning client computers

All client computers that run OEAT must have Microsoft .NET Framework 2.0 or a later version installed. In addition, each user account that runs OEAT must meet the following requirements:

  • If a user runs OEAT from the network, the user’s account must have the following permissions on the shared folder where OEAT.exe is stored:

    • NTFS permissions   Read, Execute, and Write

    • Shared folder permissions   Change and Read

  • If you configure Settings.xml to enable passive scanning, each user account that runs OEAT must be a member of the Administrators group on the local computer. This membership is required so that the user’s account has permissions to enable auditing on registry keys for Word, PowerPoint, Excel, and Microsoft Outlook CLSID Automation keys. There are two workarounds available if you want to run passive scanning on client computers where users are not local administrators. For more information about these workarounds, see Troubleshooting OEAT errors later in this article.

Requirements for managing OEAT

Administrators run OEAT to configure the Settings.xml file and to compile scan results. The computer from which you run OEAT for management purposes must meet the following requirements:

  • The computer must have access to the Internet to download the latest compatibility data from the ISV Application Compatibility Visibility Program. If the computer does not have Internet access, use the procedure that is described in Compile the scan results to download a copy of the vendor data (vendors.xml) from another computer that has Internet access.

  • The following software must be installed on the computer:

    • Microsoft .NET Framework 2.0 or a later version

    • 2007 Office system or Office 2010 (for compiling scan results into an Excel spreadsheet)

Deploying OEAT

This section describes the tasks that you perform when you deploy OEAT. The following flowchart shows the tasks in the process. Each task corresponds to a heading in this article.

OEAT process flowchart

Choose a deployment method

The Office 2010 application compatibility guide provides guidance for choosing which client computers to scan. A statistically relevant sample of 20 percent of client computers in each business unit should be sufficient. As you choose which client computers to scan, you must consider whether you have a managed environment and whether you want OEAT to run locally on each client computer or over the network. Organizations will typically choose among one of the following deployment methods:

  • Managed deployment   Use System Center Configuration Manager or Systems Management Server to distribute OEAT.exe and its related files to each client computer. For additional guidance, see the blog post Deploying Office Environment Assessment Tool (OEAT) with ConfigMgr (https://go.microsoft.com/fwlink/p/?LinkId=225020).

  • Group Policy deployment   Use Group Policy to deploy OEAT.exe and its related files to each client computer, and configure Settings.xml to save the scan results to a shared folder.

  • Unmanaged deployment   Copy OEAT.exe and its related files to a shared folder and provide instructions to users for running OEAT. For example, you can e-mail a link to a script that launches the command-line version of OEAT, or you can provide step-by-step instructions that describe how to launch the OEAT user interface and run the scan. Configure Settings.xml to save the scan results in a shared folder, or instruct users to e-mail the scan results.

Important

You can perform a passive scan only if you provide a script or instructions for launching OEAT from the command line. Running a scan by using the OEAT user interface will not invoke a passive scan, even if you configured OEAT to run a passive scan in the settings file (Settings.xml). The command-line parameters for OEAT are available in OEAT command-line parameters later in this article.

Create the OEAT settings file

After you download OEAT, you can customize how OEAT runs by creating a settings file that specifies options such as passive scanning and the location (local or shared folder) where the results files are stored. You can create the settings file by using a wizard that is launched from the OEAT user interface. When you complete the wizard, OEAT creates the settings file (Settings.xml) in the same folder as OEAT.exe. Running the settings wizard is optional. However, if you do run the wizard and create a settings file, make sure that you distribute Settings.xml together with OEAT.exe.

To configure OEAT settings

  1. Double-click OEAT.exe. The OEAT user interface appears.

    Opening screen of OEAT

  2. In the Run the settings file wizard section, click the Run wizard button.

  3. On the Welcome to the OEAT - Setup Wizard page, click Next.

  4. On the Environment Scanning Information page, click each more information link to view a list of the items that are scanned on each computer. To continue, click Next.

  5. On the Passive Scan Settings page, perform the following tasks:

    1. Select Yes to perform a passive scan, if you want, and then specify the length of time that auditing will be enabled on registry keys that are used by Office API calls. Passive scanning identifies external processes that automate Office applications, such as a solution that automates Excel to create a workbook and load data into it. We recommend that you select this option when you do not have a clear inventory of solutions that interact with Office applications. Choose a time period that is long enough to collect a representative sample of solutions yet short enough to finish before the clients restart, which will reset the auditing period.

      OEAT passive scan settings

    2. Select the Run hidden (silent) on the client while scanning check box if you want the scan to run in the background without user interaction. Click Next.

  6. In the Results Folder Location page, type the local path, mapped drive, or UNC of the share to which scan results will be saved. For example: \\server name\share name\results. Click Next.

  7. On the Finished page, click Finish.

  8. Verify that Settings.xml was created in the same folder as OEAT.exe.

Create the OEAT execution script

To automate the scans performed by OEAT, you can create a script that executes OEAT.exe from the command-line and saves the script in the folder that contains OEAT.exe. In the script sample that follows, make sure that you replace <server> and <share> with the server and shared folder that contains OEAT.exe. You can distribute the script to designated users as a logon script or by another method. Regardless of how you distribute the script, it must run with administrative rights on the local computer.

The following is a JScript code sample that you can edit to use in your environment.

// ***************************************************************
// Office Environment Assessment Tool Script
// CREATED: 8-14-2009
// VERSION:1.0
// PURPOSE:To launch the OEAT application from specified 
//              UNC share with the SCAN switch.
// ***************************************************************

/* create a scripting object */
w =  new ActiveXObject("WScript.Shell");

/* shell the OEAT.exe scanner */
w.run("\\\\<server>\\<share>\\oeat.exe -scan");

/* done */

Deploy OEAT and collect the scan results

Deploy OEAT by using the method that you chose in Choose a deployment method earlier in this article. If you chose passive scanning, make sure that you wait until the auditing period has passed before you try to collect or compile the scan results. Also, note that if a client computer is restarted while a passive scan is taking place, the auditing period is reset.

Compile the scan results

After the scan results are collected in a central folder, use one of the following procedures to compile OEAT scan results into an Excel spreadsheet. If the computer that contains the scan results has Internet access, you can compile the scan results by using OEAT on that computer. If the computer does not have Internet access, or if proxy issues are preventing OEAT from downloading the vendors.xml list, you can install OEAT on a different computer that does have Internet access, and then copy the downloaded vendors.xml file to the computer where the scan results are located.

To compile scan results from a computer that has Internet access

  1. Navigate to the folder that contains the scan results and the OEAT.exe file.

  2. Double-click OEAT.exe.

  3. On the Welcome to the Office Environment Assessment Tool page, click Compile results.

    A message box prompts you to choose whether to download the latest vendor list. Click Yes to download the vendor list.

  4. A window opens and displays a progress bar that shows the progress of the compilation. The file OEAT Report.xlsx is automatically launched in Excel when the compilation is completed.

To download the vendors list from one computer and compile the scan results from another

  1. Install OMPM on any computer that has Internet access and that meets the requirements described earlier in Requirements for managing OEAT.

  2. Double-click OEAT.exe.

  3. On the Welcome to the Office Environment Assessment Tool page, click Scan your system.

  4. After the scan is completed, click Compile results.

    A message box prompts you to choose whether to download the latest vendor list. Click Yes to download the vendor list, and then close Excel file that opens automatically after the compilation is complete.

  5. In the folder where you installed OEAT.exe, locate the file that is named vendors.xml, and then copy vendors.xml to the OEAT management computer that does not have Internet access. Be sure to copy the file to the same folder where OEAT.exe and the scan results are located.

  6. On the OEAT management computer, double-click OEAT.exe.

  7. On the Welcome to the Office Environment Assessment Tool page, click Compile results.

    A message box prompts you to choose whether to download the latest vendor list. Click No. OEAT compiles the scan results by using the vendors.xml file that you manually copied.

  8. A window opens and displays a progress bar that shows the progress of the compilation. The file OEAT Report.xlsx is automatically launched in Excel when the compilation is completed.

Working with OEAT data

This section describes the contents of the OEAT report and provides some examples of how you can best use the results data.

OEAT report overview

The compiled Excel file contains multiple worksheets, including the following:

  • SummaryReport   This worksheet contains summary information that will help you determine whether your scanned client computers are ready for Office 2010. The worksheet includes data on average free space, processors, computer manufacturers, Windows installations (including service pack levels), and Office installations. The resulting data could be interesting from a configuration management perspective in that client computers might not be running the versions of Office or Windows that you expect.

  • MicrosoftOfficeAddins   This worksheet contains a list of all add-ins that are installed with Office.

  • AddinsNotShippedWithOffice   This worksheet contains a list of all add-ins that are not included with Office. Much of your assessment and planning will come from this report. You can sort the list by application, view the last accessed or modified dates, and view the number of client computers on which the add-in was detected. You can also compare version numbers of the same add-ins to determine whether some subsets of the client computers are out-of-date, which could indicate an issue with configuration management processes in your organization.

On the AddinsNotShippedWithOffice worksheet, start with the Compatibility column to see the compatibility status of each add-in. OEAT generates the data for this column by comparing the discovered add-ins with the list of compatible add-ins that are tracked by the ISV Compatibility Program. The possible compatibility status results are as follows:

  • UNKNOWN   The add-in is currently not in the Microsoft vendor list of Office 2010-compatible add-ins. Therefore, the status of this add-in is unknown. Note that this status could change as new vendor data is made available to OEAT. Each time that you compile the spreadsheet, you have the option to download new vendor data.

  • PARTIAL MATCH   OEAT reports this status in two cases: OEAT found a match for the vendor name only. Or, OEAT found a match for the vendor name and product name, but the version number did not match. Use the link provided in the URL column to check the vendor list for compatible add-ins from the vendor.

  • EXACT MATCH   This status is shown when the vendor name matches, the product name matches, and the version number of the add-in is equal to or greater than the version that was reported by the vendor.

Important

The Compatibility column is not shown if you choose not to download compatibility data when prompted in the final version of OEAT, or if you are using the beta version of OEAT. You can download the final version of OEAT from the Microsoft Download Center.

View top 10 add-ins

The MicrosoftOfficeAddins and AddinsNotShippedWithOffice tabs contain a count column that displays the number of times each add-in or application is detected. You can filter this list to show the top 10 add-ins and applications by using the following method:

  1. On the MicrosoftOfficeAddins or AddinsNoShippedWithOffice tab, in the count column heading, click the down arrow.

  2. Point to Number Filters, and then click Top 10. Adjust the AutoFilter if you want, and then click OK.

Organize results by application

Although you might want to study possible compatibility issues for each application in Office, at first you can focus on only one application. You can select to view the data from one Office application — such as Excel in the app column — and get a list of only the add-ins and applications that interface with Excel.

View unknown add-ins

After you have filtered the list by application and by the top 10, you can again filter the list of applications that are UNKNOWN or PARTIAL MATCH in the compatibility column. By using filters again, you can also remove from the list all add-ins that are already known to be compatible with Office 2010.

Check for inconsistencies in configuration management

After you have compiled a list of add-ins per application that are not specifically known to work with Office 2010, you can then order the list from most to least common and are the top 10 of concern. From this point, you can perform the following steps:


  • Study the version information   From the items reviewed, check the version of the add-ins or applications. Do you already have the most recent version supported by the vendor? Is the application fully deployed? Can you contact the vendor to verify the latest version?


  • Note the last access date   Determine if an add-in or application was used in your environment recently. If it has an old access date, you can check the systems that report that particular add-in in the RawData worksheet to see whether it is used by current users.


  • Use the Load column   The Load column lets you know if the add-in is loaded when Office runs. OEAT notes this behavior as follows:

    • (0) Not loaded

    • (1) Loaded at next startup only

    • (2) Loaded on demand

    • (3) Loaded at startup

    • (8) Loaded on demand

    • (9) Loaded on demand

    • (16) Loaded first time, then loaded on demand

Create PivotChart and PivotTable reports

There other opportunities for displaying the data by using PivotChart reports or highlighting specific information by using PivotTable reports. For more information about Excel PivotChart and PivotTable reports, see Overview of Excel charts (https://go.microsoft.com/fwlink/p/?LinkId=178194) and Overview of PivotTable reports (https://go.microsoft.com/fwlink/p/?LinkId=178195).

Troubleshooting OEAT errors

This section helps you troubleshoot issues that you might encounter when you use OEAT.

Passive scanning fails and the message ”Error setting permissions on registry keys” appears in the errors.log file

If a user who is not a local administrator attempts to run a passive scan, a series of errors are written to an error file (errors.log) in the same folder as OEAT.exe. The errors in the log are as follows:

... SCAN: Error setting permissions on registry keys. PERMISSION ERROR: System.UnauthorizedAccessException: Attempted to perform an unauthorized operation. ... at OfficeAddinScanner.clsWatcher.addAudits()

If you need to run a passive scan against client computers without the user being a local administrator, you can perform the following workarounds:

  • Create a Group Policy object (GPO) that sets Change permissions for the user on the following audit keys.

    • Excel = HKEY_CLASSES_ROOT\CLSID\{00024500-0000-0000-C000-000000000046}

    • PowerPoint = HKEY_CLASSES_ROOT\CLSID\{91493441-5A91-11CF-8700-00AA0060263B}

    • Word = HKEY_CLASSES_ROOT\CLSID\{000209FF-0000-0000-C000-000000000046}

    • Outlook = HKEY_CLASSES_ROOT\CLSID\{0006F03A-0000-0000-C000-000000000046}

    For more information about how to set audit key values by using a GPO, see How to use Group Policy to audit registry keys in Windows Server 2003 (https://go.microsoft.com/fwlink/p/?LinkId=178196).

  • Deploy OEAT to run under the Local System account on each client computer by using a management solution such as Systems Management Server or System Center Configuration Manager. Configure the tool to run from the Startup folder or Windows Run registry key, and then collect the scan results file from each client computer.

Passive scanning fails and the message “SCAN: Error setting up passive scan. Some or all identity references could not be translated.” appears in the errors.log file

This error message appears when client computers are running localized versions of Windows in which the names of security groups are not in English. The failure occurs because OEAT has a hard-coded dependency on the English name of the Everyone group. In clients that use a language version other than English, the Everyone group might be localized for the specific language of the client. On these clients, passive scanning fails.

A new version of OEAT is available that fixes this issue. To download the new version, see Office 2010 Tool: Office Environment Assessment Tool (https://go.microsoft.com/fwlink/p/?linkid=171092).

In some environments, identical MAC addresses cause scan result files to have identical names

Customers have reported that in some environments, such as Citrix environments, scan results cannot be consolidated or compiled because the scan results file for each client uses the same file name. A new version of OEAT is available that uses GUIDs to ensure that scan result files use unique names. To download the new version, see Office 2010 Tool: Office Environment Assessment Tool (https://go.microsoft.com/fwlink/p/?linkid=171092).

The vendor list (vendors.xml) cannot be downloaded

Proxy issues can prevent OEAT from downloading the vendors list (vendors.xml) on computers that have Internet access. If downloading the vendors list fails, use the procedure in Compile the scan results to download vendors.xml from a separate computer, such as a home computer, that does not use a proxy server.

You receive the error “Old format or invalid type library” when you compile OEAT scan results

This error occurs when you are compiling OEAT scan results from a client computer that runs the English version of Excel and your current locale is configured for a language other than English. In this situation, Excel will try to locate the language pack for the configured language. If the language pack is not found, the error is reported. To work around this issue, change your locale to match the version of Excel that you are running on the client computer, and then try to compile the scan results again.

Appendix

This appendix describes OEAT command-line parameters and the locations where OEAT searches for add-ins and applications.

OEAT command-line parameters

You can run OEAT at the command prompt or in a script by using the set of parameters shown in the following table.

Parameter Description

-scan

Runs OEAT.exe with the scan option. This parameter requires that Settings.xml file is saved to the same folder as OEAT.exe.

-setup

Runs the Setup wizard that creates the Settings.xml file.

-compile

Compiles the scan result files into an XML file. This file is saved to the folder that is specified in the Settings.xml file. If no Settings.xml file exists, the default configuration is used and the compiled data is saved to a file in the current folder.

-help

Opens the Help window.

-debug

Stops the scan if there is an error and displays a message box that describes the error.

Additional parameters are available for use with the Oeat.exe –scan command. The syntax is:

OEAT.EXE –scan <path to settings.xml> <path to errors.log>

For example, you can use this command in the following ways:

  • Oeat.exe –scan [default] %temp%\errors.log

  • Oeat.exe –scan \\someotherserver\path\settings.xml

  • Oeat.exe –scan \\someotherserver\path\settings.xml %temp%\errors.log

  • Oeat.exe –scan %temp%\settings.xml \\server\share\errors.log

  • Oeat.exe –scan %temp%\settings.xml %temp%\errors.log

When using these parameters, note the following requirements:

  • The settings file must be named settings.xml.

  • The errors log file must be named errors.log.

  • You do not need both the settings and error paths, but you cannot specify the errors path without specifying the settings path first.

  • You can specify [default] for the settings.xml path to have OEAT use the one in the same folder the OEAT.EXE.

Locations scanned by OEAT

Folders scanned:

%programfiles%\Microsoft Office\Office9\Xlstart

%programfiles%\Microsoft Office\Office10\Xlstart

%programfiles%\Microsoft Office\Office11\Xlstart

%programfiles%\Microsoft Office\Office12\Xlstart

%programfiles%\Microsoft Office\Office9\STARTUP

%programfiles%\Microsoft Office\Office10\STARTUP

%programfiles%\Microsoft Office\Office11\STARTUP

%programfiles%\Microsoft Office\Office12\STARTUP

%programfiles%\Microsoft Office\Office14\STARTUP

%appdata%\Microsoft\Excel\XLSTART

%appdata%\Microsoft\Word\STARTUP

%appdata%\Microsoft\AddIns

Extensions discovered within the scanned folders:

PowerPoint: ppa, ppam

Excel: xla, xlm, xll, xlam

Word: dot, dotm, .wll

Office: .dll

Registry locations scanned:

PowerPoint:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\PowerPoint\Addins

HKEY_CURRENT_USER\Software\Microsoft\Office\9.0\PowerPoint\AddIns

HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\PowerPoint\AddIns

HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\PowerPoint\AddIns

HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\PowerPoint\Addins

HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\PowerPoint\Addins

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\PowerPoint\Addins

HKEY_LOCAL_MACHINE\Software\Microsoft\Office\9.0\PowerPoint\AddIns

HKEY_LOCAL_MACHINE\Software\Microsoft\Office\10.0\PowerPoint\AddIns

HKEY_LOCAL_MACHINE\Software\Microsoft\Office\11.0\PowerPoint\AddIns

HKEY_LOCAL_MACHINE\Software\Microsoft\Office\12.0\PowerPoint\Addins

HKEY_LOCAL_MACHINE\Software\Microsoft\Office\14.0\PowerPoint\Addins

Outlook:

HKEY_CURRENT_USER\Software\Microsoft\Office\Outlook\Addins

HKEY_CURRENT_USER\Software\Microsoft\Office\9.0\Outlook\Addins

HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Outlook\Addins

HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Outlook\Addins

HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\Addins

HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\Addins

HKEY_LOCAL_MACHINE\Software\Microsoft\Office\9.0\Outlook\Addins

HKEY_LOCAL_MACHINE\Software\Microsoft\Office\10.0\Outlook\Addins

HKEY_LOCAL_MACHINE\Software\Microsoft\Office\11.0\Outlook\Addins

HKEY_LOCAL_MACHINE\Software\Microsoft\Office\12.0\Outlook\Addins

HKEY_LOCAL_MACHINE\Software\Microsoft\Office\14.0\Outlook\Addins

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins

Excel:

HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins\

HKEY_CURRENT_USER\Software\Microsoft\Office\9.0\Excel\Add-in Manager

HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Excel\Add-in Manager

HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Excel\Add-in Manager

HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Excel\Add-in Manager

HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Add-in Manager

HKEY_LOCAL_MACHINE\Software\Microsoft\Office\Excel\Addins\

HKEY_CURRENT_USER\Software\Microsoft\Office\9.0\Excel\Options::OPEN#

HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Excel\Options::OPEN#

HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Excel\Options::OPEN#

HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Excel\Options::OPEN#

HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Options::OPEN#

Word:

HKEY_CURRENT_USER\Software\Microsoft\Office\Word\Addins\

HKEY_CURRENT_USER\Software\Microsoft\Office\9.0\Word\Add-ins

HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Word\Add-ins

HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Word\Add-ins

HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Word\Add-ins

HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Add-ins

HKEY_LOCAL_MACHINE\Software\Microsoft\Office\Word\Addins\

HKEY_CURRENT_USER\Software\Microsoft\Office\9.0\Word\Options::STARTUP-PATH

HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Word\Options::STARTUP-PATH

HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Word\Options::STARTUP-PATH

HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Word\Options::STARTUP-PATH

HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Options::STARTUP-PATH

Registry keys monitored during passive scan:

{00024500-0000-0000-C000-000000000046}

{91493441-5A91-11CF-8700-00AA0060263B}

{000209FF-0000-0000-C000-000000000046}

{0006F03A-0000-0000-C000-000000000046}