API tools faq
paste
Advertisement
opexxx

registryActivity1

opexxx
Mar 20th, 2017
237
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 20.32 KB | None | 0 0
raw download clone embed print report
  1. SetValue [37]
  2. key \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
  3. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  4. valueType REG_SZ
  5. value yftbufoz
  6. valueDataSize 52
  7. data
  8. "C:\Windows\egocynug.exe"
  9. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Internet Explorer\PhishingFilter
  10. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  11. valueType REG_DWORD
  12. value EnabledV8
  13. valueDataSize 4
  14. data
  15. 00000000
  16. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Internet Explorer\PhishingFilter
  17. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  18. valueType REG_DWORD
  19. value EnabledV9
  20. valueDataSize 4
  21. data
  22. 00000000
  23. key \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109A10090400000000000F01FEC\Usage
  24. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  25. valueType REG_DWORD
  26. value OutlookMAPI2Intl_1033
  27. valueDataSize 4
  28. data
  29. 4a710002
  30. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
  31. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  32. valueType REG_BINARY
  33. value SavedLegacySettings
  34. valueDataSize 56
  35. data
  36. 4600000002000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
  37. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings
  38. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  39. valueType REG_DWORD
  40. value ProxyEnable
  41. valueDataSize 4
  42. data
  43. 00000000
  44. key \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109410000000000000000F01FEC\Usage
  45. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  46. valueType REG_DWORD
  47. value ProductFiles
  48. valueDataSize 4
  49. data
  50. 4a710013
  51. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office\12.0\Common\LanguageResources
  52. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  53. valueType REG_MULTI_SZ
  54. value UISnapshot
  55. valueDataSize 10
  56. data
  57. 1033
  58. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office\12.0\Common\LanguageResources
  59. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  60. valueType REG_MULTI_SZ
  61. value UIFallback
  62. valueDataSize 10
  63. data
  64. 1033
  65. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office\12.0\Common\LanguageResources
  66. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  67. valueType REG_DWORD
  68. value UILanguage
  69. valueDataSize 4
  70. data
  71. 00000409
  72. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office\12.0\Common\LanguageResources
  73. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  74. valueType REG_DWORD
  75. value HelpLanguage
  76. valueDataSize 4
  77. data
  78. 00000409
  79. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office\12.0\Common\LanguageResources
  80. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  81. valueType REG_DWORD
  82. value WinXPLanguagePatch
  83. valueDataSize 4
  84. data
  85. 00000001
  86. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office\12.0\Common\LanguageResources
  87. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  88. valueType REG_DWORD
  89. value InstallLanguage
  90. valueDataSize 4
  91. data
  92. 00000409
  93. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office\12.0\Common\LanguageResources
  94. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  95. valueType REG_DWORD
  96. value PreviousInstallLanguage
  97. valueDataSize 4
  98. data
  99. 00000409
  100. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office\12.0\Common\LanguageResources
  101. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  102. valueType REG_SZ
  103. value WordChangeInstallLanguage
  104. valueDataSize 6
  105. data
  106. No
  107. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office\12.0\Common\LanguageResources
  108. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  109. valueType REG_SZ
  110. value XLChangeInstallLanguage
  111. valueDataSize 6
  112. data
  113. No
  114. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office\12.0\Common\LanguageResources
  115. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  116. valueType REG_SZ
  117. value WordMailChangeInstallLanguage
  118. valueDataSize 6
  119. data
  120. No
  121. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office\12.0\Common\LanguageResources
  122. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  123. valueType REG_SZ
  124. value PPTChangeInstallLanguage
  125. valueDataSize 6
  126. data
  127. No
  128. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office\12.0\Common\LanguageResources
  129. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  130. valueType REG_SZ
  131. value AccessChangeInstallLanguage
  132. valueDataSize 6
  133. data
  134. No
  135. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office\12.0\Common\LanguageResources
  136. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  137. valueType REG_SZ
  138. value OutlookChangeInstallLanguage
  139. valueDataSize 6
  140. data
  141. No
  142. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office\12.0\Common\LanguageResources
  143. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  144. valueType REG_SZ
  145. value PublisherChangeInstallLanguage
  146. valueDataSize 6
  147. data
  148. No
  149. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office\12.0\Common\LanguageResources
  150. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  151. valueType REG_SZ
  152. value SharePointDesignerChangeInstallLanguage
  153. valueDataSize 6
  154. data
  155. No
  156. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office\12.0\Common\LanguageResources
  157. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  158. valueType REG_SZ
  159. value ProjectChangeInstallLanguage
  160. valueDataSize 6
  161. data
  162. No
  163. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office\12.0\Common\LanguageResources
  164. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  165. valueType REG_SZ
  166. value InfoPathChangeInstallLanguage
  167. valueDataSize 6
  168. data
  169. No
  170. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office\12.0\Common\LanguageResources
  171. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  172. valueType REG_SZ
  173. value OneNoteChangeInstallLanguage
  174. valueDataSize 6
  175. data
  176. No
  177. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office\12.0\Common\LanguageResources
  178. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  179. valueType REG_SZ
  180. value WebDesignerChangeInstallLanguage
  181. valueDataSize 6
  182. data
  183. No
  184. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office\12.0\Common\LanguageResources
  185. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  186. valueType REG_SZ
  187. value LangTuneUp
  188. valueDataSize 32
  189. data
  190. OfficeCompleted
  191. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office\12.0\Common\LanguageResources\EnabledLanguages
  192. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  193. valueType REG_SZ
  194. value 1033
  195. valueDataSize 6
  196. data
  197. On
  198. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Shared
  199. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  200. valueType REG_DWORD
  201. value OfficeUILanguage
  202. valueDataSize 4
  203. data
  204. 00000409
  205. key \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109A10090400000000000F01FEC\Usage
  206. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  207. valueType REG_DWORD
  208. value OutlookMAPI2Intl_1033
  209. valueDataSize 4
  210. data
  211. 4a710003
  212. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
  213. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  214. valueType REG_BINARY
  215. value DefaultConnectionSettings
  216. valueDataSize 312
  217. data
  218. 4600000002000000090000000000000000000000000000000400000000000000d02f66040e9fd201000000000000000000000000020000001700000000000000fe80000000000000406a399058641c260b0000000000000084515d7748a55c777030b073d9060000010000000000000000000000000000004000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000c0a80170000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
  219. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
  220. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  221. valueType REG_DWORD
  222. value UNCAsIntranet
  223. valueDataSize 4
  224. data
  225. 00000000
  226. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
  227. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  228. valueType REG_DWORD
  229. value AutoDetect
  230. valueDataSize 4
  231. data
  232. 00000001
  233. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
  234. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  235. valueType REG_DWORD
  236. value UNCAsIntranet
  237. valueDataSize 4
  238. data
  239. 00000000
  240. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
  241. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  242. valueType REG_DWORD
  243. value AutoDetect
  244. valueDataSize 4
  245. data
  246. 00000001
  247. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
  248. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  249. valueType REG_DWORD
  250. value UNCAsIntranet
  251. valueDataSize 4
  252. data
  253. 00000000
  254. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
  255. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  256. valueType REG_DWORD
  257. value AutoDetect
  258. valueDataSize 4
  259. data
  260. 00000001
  261.  
  262. CreateKey [17]
  263. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Internet Explorer\PhishingFilter
  264. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  265. key \REGISTRY\\REGISTRY\MACHINE\SOFTWARE\CLASSES
  266. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  267. key \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\Location Awareness
  268. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  269. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\Network\Location Awareness
  270. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  271. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\Network
  272. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  273. key \REGISTRY\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters
  274. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  275. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office
  276. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  277. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office\12.0\Common\LanguageResources
  278. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  279. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office\12.0
  280. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  281. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office\12.0\Common
  282. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  283. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office\12.0\Common\LanguageResources
  284. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  285. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office\12.0\Common\LanguageResources\EnabledLanguages
  286. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  287. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Shared
  288. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  289. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles
  290. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  291. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem
  292. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  293. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles
  294. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  295. key \REGISTRY\\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters
  296. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  297.  
  298. OpenKey [46]
  299. key \REGISTRY\USER\S-1-5-21-3558273304-2305715256-1486658336-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
  300. process C:\ehgccf\lbtpt.exe
  301. key \REGISTRY\MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-3558273304-2305715256-1486658336-1000
  302. process C:\ehgccf\lbtpt.exe
  303. key \REGISTRY\USER\S-1-5-21-3558273304-2305715256-1486658336-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
  304. process C:\ehgccf\lbtpt.exe
  305. key \REGISTRY\MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList
  306. process C:\ehgccf\lbtpt.exe
  307. key \REGISTRY\MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList
  308. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  309. key \REGISTRY\MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18
  310. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  311. key \REGISTRY\MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList
  312. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  313. key \REGISTRY\MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18
  314. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  315. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
  316. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  317. key \REGISTRY\MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18
  318. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  319. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
  320. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  321. key \REGISTRY\\REGISTRY\USER\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
  322. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  323. key \REGISTRY\\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
  324. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  325. key \REGISTRY\\REGISTRY\USER\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
  326. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  327. key \REGISTRY\\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
  328. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  329. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\my\PhysicalStores
  330. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  331. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\my
  332. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  333. key \REGISTRY\MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18
  334. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  335. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\my
  336. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  337. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\My\(null)
  338. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  339. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\My\Certificates
  340. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  341. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\My\CRLs
  342. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  343. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\My\CTLs
  344. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  345. key \REGISTRY\MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList
  346. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  347. key \REGISTRY\USER\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
  348. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  349. key \REGISTRY\MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18
  350. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  351. key \REGISTRY\\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
  352. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  353. key \REGISTRY\USER\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
  354. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  355. key \REGISTRY\\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
  356. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  357. key \REGISTRY\MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18
  358. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  359. key \REGISTRY\USER\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
  360. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  361. key \REGISTRY\\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
  362. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  363. key \REGISTRY\MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18
  364. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  365. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Internet Account Manager\Accounts\00000001
  366. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  367. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook
  368. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  369. key \REGISTRY\USER\.DEFAULT\Software\Microsoft\Office\Outlook\OMI Account Manager\Accounts
  370. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  371. key \REGISTRY\MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList
  372. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  373. key \REGISTRY\USER\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
  374. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  375. key \REGISTRY\\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
  376. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  377. key \REGISTRY\MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18
  378. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  379. key \REGISTRY\USER\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
  380. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  381. key \REGISTRY\\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
  382. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  383. key \REGISTRY\MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18
  384. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  385. key \REGISTRY\USER\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
  386. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  387. key \REGISTRY\\REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
  388. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  389. key \REGISTRY\MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18
  390. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  391.  
  392. QueryValue [11]
  393. key \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography
  394. process C:\ehgccf\lbtpt.exe
  395. value MachineGuid
  396. valueType REG_SZ
  397. data
  398. ifssnbmrwbhyuarhuongwmjyhwfnwjgltvwc
  399. valueDataSize 74
  400. key \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion
  401. process C:\ehgccf\lbtpt.exe
  402. value DigitalProductId
  403. valueType
  404. data
  405. valueDataSize 0
  406. key \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion
  407. process C:\ehgccf\lbtpt.exe
  408. value DigitalProductId
  409. valueType REG_BINARY
  410. data
  411. a40000000300000030303337312d4f454d2d383939323637312d303030303400b20000005831352d3337333737000000000000006b6e4c3672eafba98ab7f626e62f04000000000007e19455fa0ff2b40200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000daf210c8
  412. valueDataSize 164
  413. key \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion
  414. process C:\ehgccf\lbtpt.exe
  415. value InstallDate
  416. valueType REG_DWORD
  417. data
  418. 5595bfe3
  419. valueDataSize 4
  420. key \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography
  421. process C:\ehgccf\lbtpt.exe
  422. value MachineGuid
  423. valueType REG_SZ
  424. data
  425. ifssnbmrwbhyuarhuongwmjyhwfnwjgltvwc
  426. valueDataSize 74
  427. key \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography
  428. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  429. value MachineGuid
  430. valueType REG_SZ
  431. data
  432. ifssnbmrwbhyuarhuongwmjyhwfnwjgltvwc
  433. valueDataSize 74
  434. key \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion
  435. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  436. value DigitalProductId
  437. valueType
  438. data
  439. valueDataSize 0
  440. key \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion
  441. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  442. value DigitalProductId
  443. valueType REG_BINARY
  444. data
  445. a40000000300000030303337312d4f454d2d383939323637312d303030303400b20000005831352d3337333737000000000000006b6e4c3672eafba98ab7f626e62f04000000000007e19455fa0ff2b40200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000daf210c8
  446. valueDataSize 164
  447. key \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion
  448. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  449. value InstallDate
  450. valueType REG_DWORD
  451. data
  452. 5595bfe3
  453. valueDataSize 4
  454. key \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography
  455. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  456. value MachineGuid
  457. valueType REG_SZ
  458. data
  459. ifssnbmrwbhyuarhuongwmjyhwfnwjgltvwc
  460. valueDataSize 74
  461. key \REGISTRY\MACHINE\SOFTWARE\Microsoft\Cryptography
  462. process C:\Windows\explorer.exe (v. 6.1.7601.17514)
  463. value MachineGuid
  464. valueType REG_SZ
  465. data
  466. ifssnbmrwbhyuarhuongwmjyhwfnwjgltvwc
  467. valueDataSize 74
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!