Gaming Community
Forum
 
Go Back   D3scene > Hot Games > Counter Strike forum > CS 1.6 Hacks
Reload this Page Aimbot_KZK_09.rar
Register Blogs Live view Downloads D3 Clan FAQ Members List Social Groups Calendar Search Today's Posts Mark Forums Read

Aimbot_KZK_09.rar

This is a discussion on Aimbot_KZK_09.rar within the CS 1.6 Hacks forum part of the Counter Strike forum category; Aimbot_KZK_09.rar is a polish trojan that is floating around. Its designed to look like MPH Aimbot Leis 05.. but theres ...


Welcome on D3scene.com! Make sure to register - it's free and very quick! You have to register before you can post and participate in our discussions with 70000 other registered members. Downloads, user profiles and some forums can only be seen by registered members. After you create your free account you will be able to customize many options, you will have the full access to new hacks, latest cheats and last but not least will see no advertisements at all. We would love to see you around in our community!
Closed Thread
Page 1 of 2 1 2
 
LinkBack Thread Tools Display Modes
  #1  
Old 03-29-2009, 08:43 PM
Guru

  
Join Date: Mar 2009
Posts: 80
Thanks: 0
Thanked 13 Times in 8 Posts
Reputation: 207
Rep Power: 2
CampStaff has a spectacular aura aboutCampStaff has a spectacular aura aboutCampStaff has a spectacular aura about
Send a message via MSN to CampStaff
Aimbot_KZK_09.rar
Aimbot_KZK_09.rar is a polish trojan that is floating around. Its designed to look like MPH Aimbot Leis 05.. but theres an added exe which contains:


Quote:
File Info

Report generated: 29.3.2009 at 20.14.50 (GMT 1)
Filename: LeisInstal.exe
File size: 487 KB
MD5 Hash: 61C73C527764070494A0ACF224319BE8
SHA1 Hash: 3A1A59961E99F180BB3FDCD17F479D0D8A9DDD0A
Packer detected: Microsoft Visual C++ 6.0 [Overlay]
Self-Extract Archive: Nothing found
Binder Detector: Nothing found
Detection rate: 18 on 24

Detections

a-squared - Nothing found!
Avira AntiVir - ADSPY/Dropper.Ardamax.Gen
Avast - Win32:Ardamax-JC [Trj]
AVG - PSW.Generic5.HHS
BitDefender - Trojan.Spy.Ardamax.N
ClamAV - Trojan.Dropper-2328
Comodo - ApplicUnsaf.Win32.KeyLogger.Ardamax
Dr.Web - Nothing found!
Ewido - Logger.Ardamax.n
F-PROT 6 - W32/Trojan.CCFT
G DATA - Trojan-Spy.Win32.Ardamax.n A
IkarusT3 - Trojan-Spy.Win32.Ardamax
Kaspersky - Trojan-Spy.Win32.Ardamax.n
McAfee - Spy-Agent.cv trojan
MHR (Malware Hash Registry) - Nothing found!
NOD32 v3 - Win32/KeyLogger.Ardamax
Norman - Security Risk W32/Ardamax.DKT
Panda - Nothing found!
Quick Heal - Nothing found!
Solo Antivirus - Nothing found!
Sophos - Ardamax Installer
TrendMicro - TSPY_ARDAMAX.GA
VBA32 - Trojan-Spy.Win32.Ardamax.n
Virus Buster - TrojanSpy.Ardamax.W
Weeee!! Trojan Alert

Ok, lets see what the trojan does:
Code:
Autostart capabilities: This executable registers processes to be executed at system start. This could result in unwanted actions to be performed automatically.  
   
Changes security settings of Internet Explorer: This system alteration could seriously affect safety surfing the World Wide Web.     

Creates files in the Windows system directory: Malware often keeps copies of itself in the Windows directory to stay undetected by users.     

Performs File Modification and Destruction: The executable modifies and destructs files which are not temporary.   
Spawns Processes: The executable produces processes during the execution.     

Performs Registry Activities: The executable reads and modifies register values. It also creates and monitors register keys


So, when we Sandbox the trojan and see what it does, it shows it installs:
Code:
C:\WINDOWS\system32\28463\XUBX.001
C:\WINDOWS\system32\28463\XUBX.006
C:\WINDOWS\system32\28463\XUBX.007
C:\WINDOWS\system32\28463\XUBX.exe
C:\WINDOWS\system32\28463\AKV.exe

And creates this directory:
Code:
C:\WINDOWS\system32\28463\
Then it opens and/or modifies these keys:

Code:
KLM\​Software\​Microsoft\​Windows\​CurrentVersion\​Explorer\​Shell Folders
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Explorer\​​User Shell Folders     maximum allowed     success or wait     4
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Explorer\​​Shell Folders     maximum allowed     success or wait     4
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Explorer\​​ MountPoints2\​​{2bc8d614-99d0-11dd-990b-806d6172696f}\​​     maximum allowed     success or wait     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Explorer\​​ MountPoints2\​​{215e6ac3-939c-11dd-8601-806d6172696f}\​​     maximum allowed     success or wait     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Explorer\​​ MountPoints2\​​{215e6ac2-939c-11dd-8601-806d6172696f}\​​     maximum allowed     success or wait     1
\​​REGISTRY\​​MACHINE\​​Software\​​Microsoft\​​Windows\​​CurrentVersion\ ​​Explorer\​​User Shell Folders     maximum allowed     success or wait     2
\​​REGISTRY\​​MACHINE\​​Software\​​Microsoft\​​Windows\​​CurrentVersion\ ​​Explorer\​​Shell Folders     maximum allowed     success or wait     2
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Image File Execution Options\​​LeisInstal.exe     generic read     object name not found     1
HKEY_LOCAL_MACHINE\​​System\​​CurrentControlSet\​​Control\​​Terminal Server     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     3
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Image File Execution Options\​​MSVCRT.dll     generic read     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Image File Execution Options\​​GDI32.dll     generic read     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Image File Execution Options\​​USER32.dll     generic read     object name not found     1
\​​Registry\​​MACHINE\​​System\​​CurrentControlSet\​​Control\​​Session Manager     query value and read or execute     success or wait     1
\​​Registry\​​MACHINE\​​System\​​CurrentControlSet\​​Control\​​SafeBoot\ ​​Option     query value and set value and read or execute and write     object name not found     3
HKEY_LOCAL_MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​ ​CodeIdentifiers     query value and read or execute     success or wait     5
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​​CodeIdentifiers     query value and read or execute     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Image File Execution Options\​​Secur32.dll     generic read     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Image File Execution Options\​​RPCRT4.dll     generic read     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Image File Execution Options\​​ADVAPI32.dll     generic read     object name not found     1
HKEY_LOCAL_MACHINE\​​SOFTWARE\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Winlogon     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​MACHINE     maximum allowed     success or wait     1
\​​REGISTRY\​​MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Diagnostics     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Image File Execution Options\​​IMM32.DLL     generic read     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Image File Execution Options\​​ntdll.dll     generic read     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Image File Execution Options\​​kernel32.dll     generic read     object name not found     1
HKEY_LOCAL_MACHINE\​​System\​​CurrentControlSet\​​Control\​​Error Message Instrument\​​     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​GRE_Initialize     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Windows     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Image File Execution Options\​​SHLWAPI.dll     generic read     object name not found     1
\​​REGISTRY\​​MACHINE\​​Software\​​Microsoft\​​Windows\​​CurrentVersion\ ​​Explorer\​​Performance     maximum allowed     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Image File Execution Options\​​SHELL32.dll     generic read     object name not found     1
\​​REGISTRY\​​MACHINE\​​SYSTEM\​​Setup     query value and read or execute     success or wait     1
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows\​​CurrentVersion\​​ SideBySide\​​AssemblyStorageRoots     enumerate sub key and read or execute     object name not found     2
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Image File Execution Options\​​comctl32.dll     generic read     object name not found     2
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     3
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Control Panel\​​Desktop     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     2
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ software\​​Microsoft\​​Windows\​​CurrentVersion\​​Explorer\​​Advanced     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​LanguagePack     query value and read or execute     success or wait     1
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Image File Execution Options\​​@2.tmp     generic read     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Windows\​​CurrentVersion\ ​​ShellCompatibility\​​Applications\​​LeisInstal.exe     query value and enumerate sub key and read or execute     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Image File Execution Options\​​ole32.dll     generic read     object name not found     1
\​​REGISTRY\​​MACHINE\​​SYSTEM\​​CurrentControlSet\​​Control\​​Session Manager     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​MACHINE\​​Software\​​Microsoft\​​Ole     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​Interface     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​Interface\​​ {00020400-0000-0000-C000-000000000046}     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Image File Execution Options\​​MSCTF.dll     generic read     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​CTF\​​Compatibility\​​ LeisInstal.exe     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​CTF\​​SystemShared\​​     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500     maximum allowed     success or wait     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Keyboard Layout\​​Toggle     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​CTF\​​     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Explorer     query value and read or execute     success or wait     1
\​​REGISTRY\​​MACHINE\​​Software\​​Microsoft\​​Windows\​​CurrentVersion\ ​​Explorer     query value and read or execute     success or wait     1
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Image File Execution Options\​​netapi32.dll     generic read     object name not found     1
\​​REGISTRY\​​MACHINE\​​Software\​​Microsoft\​​Rpc\​​PagedBuffers     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​MACHINE\​​Software\​​Microsoft\​​Rpc     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Image File Execution Options\​​LeisInstal.exe\​​RpcThreadPoolThrottle     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows NT\​​Rpc     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
HKEY_LOCAL_MACHINE\​​System\​​CurrentControlSet\​​Control\​​ComputerName     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​MACHINE\​​SYSTEM\​​ControlSet001\​​Control\​​ComputerName\ ​​ActiveComputerName     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​MACHINE\​​Software\​​Microsoft\​​Windows\​​CurrentVersion\ ​​Policies\​​Explorer     query value and read or execute     object name not found     20
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Policies\​​Explorer     query value and read or execute     success or wait     20
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Windows\​​CurrentVersion\ ​​ShellCompatibility\​​Objects\​​{20D04FE0-3AEA-1069-A2D8-08002B30309D}     query value and read or execute     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500_Classes     maximum allowed     success or wait     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​CLSID\​​ {20D04FE0-3AEA-1069-A2D8-08002B30309D}\​​InProcServer32     query value and read or execute     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​CLSID\​​ {20D04FE0-3AEA-1069-A2D8-08002B30309D}\​​InProcServer32     query value and read or execute     success or wait     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​CLSID\​​ {20D04FE0-3AEA-1069-A2D8-08002B30309D}\​​InProcServer32     maximum allowed     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​Drive\​​shellex\​ ​FolderExtensions     enumerate sub key and read or execute     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​Drive\​​shellex\​​ FolderExtensions     enumerate sub key and read or execute     success or wait     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​Drive\​​shellex\​ ​FolderExtensions     maximum allowed     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​Drive\​​shellex\​ ​FolderExtensions\​​{fbeb8a05-beee-4442-804e-409d6c4515e9}     query value and read or execute     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​Drive\​​shellex\​​ FolderExtensions\​​{fbeb8a05-beee-4442-804e-409d6c4515e9}     query value and read or execute     success or wait     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​Drive\​​shellex\​ ​FolderExtensions\​​{fbeb8a05-beee-4442-804e-409d6c4515e9}     maximum allowed     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Explorer     maximum allowed     success or wait     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Explorer\​​FileExts     maximum allowed     success or wait     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Explorer\​​FileExts\​​ .exe     maximum allowed     object name not found     4
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​.exe     maximum allowed     object name not found     2
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​.exe     maximum allowed     success or wait     2
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​.exe     maximum allowed     object name not found     3
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​exefile     maximum allowed     object name not found     2
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​exefile     maximum allowed     success or wait     2
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​exefile\​​CurVer     query value and read or execute     object name not found     2
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Classes\​​exefile\​​CurVer     query value and read or execute     object name not found     2
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​exefile     maximum allowed     object name not found     7
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Classes\​​exefile\​​     maximum allowed     success or wait     2
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Explorer\​​     maximum allowed     success or wait     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Policies\​​System     query value and read or execute     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Explorer\​​Advanced     maximum allowed     success or wait     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​exefile\​​ ShellEx\​​IconHandler     query value and read or execute     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Classes\​​exefile\​​ShellEx\​​ IconHandler     query value and read or execute     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​ SystemFileAssociations\​​.exe     maximum allowed     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​SystemFileAssociations\​​.exe     maximum allowed     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​ SystemFileAssociations\​​application     maximum allowed     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​SystemFileAssociations\​​ application     maximum allowed     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​exefile\​​Clsid     query value and read or execute     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Classes\​​exefile\​​Clsid     query value and read or execute     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​*     maximum allowed     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​*     maximum allowed     success or wait     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​*\​​Clsid     query value and read or execute     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Classes\​​*\​​Clsid     query value and read or execute     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Image File Execution Options\​​SETUPAPI.dll     generic read     object name not found     1
\​​REGISTRY\​​MACHINE\​​System\​​Setup     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     2
\​​REGISTRY\​​MACHINE\​​SYSTEM\​​CurrentControlSet\​​Control\​​MiniNT     query value and set value and create sub key and enumerate sub key and notify and create link and read or execute and write and delete and read control and write dac and write owner     object name not found     1
\​​REGISTRY\​​MACHINE\​​System\​​WPA\​​PnP     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​MACHINE\​​SYSTEM\​​Setup     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     2
\​​REGISTRY\​​MACHINE\​​Software\​​Microsoft\​​Windows\​​CurrentVersion\ ​​Setup     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     4
\​​REGISTRY\​​MACHINE\​​Software\​​Microsoft\​​Windows\​​CurrentVersion     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​MACHINE\​​Software\​​Microsoft\​​Windows\​​CurrentVersion\ ​​Setup     query value and read or execute     success or wait     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Windows\​​CurrentVersion\ ​​Setup\​​AppLogLevels     query value and read or execute     object name not found     1
HKEY_LOCAL_MACHINE\​​System\​​CurrentControlSet\​​Control\​​ ComputerName\​​ActiveComputerName     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
HKEY_LOCAL_MACHINE\​​System\​​CurrentControlSet\​​Services\​​Tcpip\​​ Parameters     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     2
HKEY_LOCAL_MACHINE\​​Software\​​Policies\​​Microsoft\​​System\​​ DNSclient     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Explorer\​​ MountPoints2\​​CPC\​​Volume     maximum allowed     success or wait     10
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Explorer\​​ MountPoints2\​​CPC\​​Volume\​​{215e6ac2-939c-11dd-8601-806d6172696f}\​​     maximum allowed     success or wait     2
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Explorer\​​ MountPoints2\​​CPC\​​Volume\​​{215e6ac3-939c-11dd-8601-806d6172696f}\​​     maximum allowed     success or wait     2
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Explorer\​​ MountPoints2\​​CPC\​​Volume\​​{2bc8d614-99d0-11dd-990b-806d6172696f}\​​     maximum allowed     success or wait     6
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​Directory     maximum allowed     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​Directory     maximum allowed     success or wait     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​Directory\​​ CurVer     query value and read or execute     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Classes\​​Directory\​​CurVer     query value and read or execute     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​Directory     maximum allowed     object name not found     6
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Classes\​​Directory\​​     maximum allowed     success or wait     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​Directory\​​ ShellEx\​​IconHandler     query value and read or execute     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Classes\​​Directory\​​ShellEx\​​ IconHandler     query value and read or execute     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​Directory\​​Clsid     query value and read or execute     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Classes\​​Directory\​​Clsid     query value and read or execute     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​Folder     maximum allowed     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​Folder     maximum allowed     success or wait     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​Folder\​​Clsid     query value and read or execute     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Classes\​​Folder\​​Clsid     query value and read or execute     object name not found     1
\​​REGISTRY\​​MACHINE\​​Software\​​Microsoft\​​Windows\​​CurrentVersion\ ​​Explorer\​​ShellExecuteHooks     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​CLSID\​​ {AEB6717E-7E19-11D0-97EE-00C04FD91972}\​​InProcServer32     query value and read or execute     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​CLSID\​​ {AEB6717E-7E19-11D0-97EE-00C04FD91972}\​​InProcServer32     query value and read or execute     success or wait     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​CLSID\​​ {AEB6717E-7E19-11d0-97EE-00C04FD91972}\​​InProcServer32     maximum allowed     object name not found     2
\​​REGISTRY\​​MACHINE\​​Software\​​Microsoft\​​Windows\​​CurrentVersion\ ​​Policies\​​Associations     query value and read or execute     object name not found     4
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Policies\​​ Associations     query value and read or execute     success or wait     4
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​.exe     query value and read or execute     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​.exe     query value and read or execute     success or wait     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​.ade     query value and read or execute     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​.ade     query value and read or execute     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​.adp     query value and read or execute     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​.adp     query value and read or execute     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​.app     query value and read or execute     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​.app     query value and read or execute     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​.asp     query value and read or execute     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​.asp     query value and read or execute     success or wait     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​.asp     maximum allowed     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​.bas     query value and read or execute     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​.bas     query value and read or execute     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​.bat     query value and read or execute     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​.bat     query value and read or execute     success or wait     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​.bat     maximum allowed     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​.cer     query value and read or execute     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​.cer     query value and read or execute     success or wait     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​.cer     maximum allowed     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​.chm     query value and read or execute     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​.chm     query value and read or execute     success or wait     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​.chm     maximum allowed     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​.cmd     query value and read or execute     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​.cmd     query value and read or execute     success or wait     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​.cmd     maximum allowed     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​.com     query value and read or execute     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​.com     query value and read or execute     success or wait     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​.com     maximum allowed     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​.cpl     query value and read or execute     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​.cpl     query value and read or execute     success or wait     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​.cpl     maximum allowed     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​.crt     query value and read or execute     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​.crt     query value and read or execute     success or wait     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​.crt     maximum allowed     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​.csh     query value and read or execute     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​.csh     query value and read or execute     object name not found     1
\​​REGISTRY\​​MACHINE\​​Software\​​Microsoft\​​COM3     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     4
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Image File Execution Options\​​COMRes.dll     generic read     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Image File Execution Options\​​OLEAUT32.dll     generic read     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​OLEAUT     query value and read or execute     object name not found     2
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​OLEAUT\​​UserEra     query value and enumerate sub key and read or execute     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Image File Execution Options\​​VERSION.dll     generic read     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Image File Execution Options\​​CLBCATQ.DLL     generic read     object name not found     1
\​​REGISTRY\​​MACHINE\​​Software\​​Microsoft\​​COM3\​​Debug     query value and set value and create sub key and enumerate sub key and notify and create link and read or execute and write and delete and read control and write dac and write owner     object name not found     1
\​​REGISTRY\​​MACHINE\​​Software\​​Microsoft\​​COM3\​​Debug     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​OLE     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
HKEY_USERS\​​S-1-5-21-2000478354-1770027372-682003330-500_Classes     maximum allowed     success or wait     1
\​​REGISTRY\​​MACHINE\​​Software\​​Classes     maximum allowed     success or wait     3
\​​REGISTRY\​​MACHINE\​​Software\​​Microsoft\​​COM3     maximum allowed     success or wait     6
\​​REGISTRY\​​USER     notify and read or execute     success or wait     3
\​​REGISTRY\​​MACHINE\​​Software\​​Classes\​​CLSID     maximum allowed     success or wait     2
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​CLSID\​​ {7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     5
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​CLSID\​​ {7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     5
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​CLSID\​​ {7b8a2d94-0ac9-11d1-896c-00c04Fb6bfc4}\​​TreatAs     query value and read or execute     object name not found     2
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Classes\​​CLSID\​​ {7b8a2d94-0ac9-11d1-896c-00c04Fb6bfc4}\​​TreatAs     query value and read or execute     object name not found     2
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​CLSID\​​ {7b8a2d94-0ac9-11d1-896c-00c04Fb6bfc4}\​​InprocServer32     maximum allowed     object name not found     7
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Classes\​​CLSID\​​ {7b8a2d94-0ac9-11d1-896c-00c04Fb6bfc4}\​​InprocServer32     maximum allowed     success or wait     3
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​CLSID\​​ {7b8a2d94-0ac9-11d1-896c-00c04Fb6bfc4}\​​InprocServerX86     maximum allowed     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Classes\​​CLSID\​​ {7b8a2d94-0ac9-11d1-896c-00c04Fb6bfc4}\​​InprocServerX86     maximum allowed     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​CLSID\​​ {7b8a2d94-0ac9-11d1-896c-00c04Fb6bfc4}\​​LocalServer32     maximum allowed     object name not found     2
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Classes\​​CLSID\​​ {7b8a2d94-0ac9-11d1-896c-00c04Fb6bfc4}\​​LocalServer32     maximum allowed     object name not found     2
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​CLSID\​​ {7b8a2d94-0ac9-11d1-896c-00c04Fb6bfc4}\​​InprocHandler32     maximum allowed     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Classes\​​CLSID\​​ {7b8a2d94-0ac9-11d1-896c-00c04Fb6bfc4}\​​InprocHandler32     maximum allowed     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​CLSID\​​ {7b8a2d94-0ac9-11d1-896c-00c04Fb6bfc4}\​​InprocHandlerX86     maximum allowed     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Classes\​​CLSID\​​ {7b8a2d94-0ac9-11d1-896c-00c04Fb6bfc4}\​​InprocHandlerX86     maximum allowed     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​CLSID\​​ {7b8a2d94-0ac9-11d1-896c-00c04Fb6bfc4}\​​LocalServer     maximum allowed     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Classes\​​CLSID\​​ {7b8a2d94-0ac9-11d1-896c-00c04Fb6bfc4}\​​LocalServer     maximum allowed     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​CLSID\​​ {7b8a2d94-0ac9-11d1-896c-00c04Fb6bfc4}     maximum allowed     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Image File Execution Options\​​iertutil.dll     generic read     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Image File Execution Options\​​urlmon.dll     generic read     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​PROTOCOLS\​​ Name-Space Handler\​​     maximum allowed     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​PROTOCOLS\​​Name-Space Handler     maximum allowed     success or wait     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​PROTOCOLS\​​ Name-Space Handler     maximum allowed     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ SOFTWARE\​​Policies\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings     query value and read or execute     object name not found     2
\​​REGISTRY\​​MACHINE\​​Software\​​Microsoft\​​Windows\​​CurrentVersion\ ​​Internet Settings     query value and read or execute     success or wait     1
\​​REGISTRY\​​MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​ CurrentVersion\​​Internet Settings\​​     query value and read or execute     object name not found     1
\​​REGISTRY\​​MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​ CurrentVersion\​​Internet Settings     query value and read or execute     object name not found     3
\​​REGISTRY\​​MACHINE\​​Software\​​Policies\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl     query value and read or execute     object name not found     2
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl     query value and read or execute     object name not found     2
\​​REGISTRY\​​MACHINE\​​Software\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl     query value and read or execute     success or wait     2
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl     query value and read or execute     object name not found     2
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​ FEATURE_IGNORE_POLICIES_ZONEMAP_IF_ESC_ENABLED_KB918915     query value and read or execute     object name not found     1
\​​REGISTRY\​​MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​ CurrentVersion\​​Internet Settings\​​ZoneMap\​​Domains\​​     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     2
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​ZoneMap\​​Domains\​​     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​ CurrentVersion\​​Internet Settings\​​ZoneMap\​​Ranges\​​     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     2
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​ZoneMap\​​Ranges\​​     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​FEATURE_OBJECT_CACHING     query value and read or execute     success or wait     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​FEATURE_ZONE_ELEVATION     query value and read or execute     success or wait     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​FEATURE_MIME_HANDLING     query value and read or execute     success or wait     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​FEATURE_MIME_SNIFFING     query value and read or execute     success or wait     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​FEATURE_WINDOW_RESTRICTIONS     query value and read or execute     success or wait     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​FEATURE_WEBOC_POPUPMANAGEMENT     query value and read or execute     success or wait     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​FEATURE_BEHAVIORS     query value and read or execute     success or wait     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​FEATURE_DISABLE_MK_PROTOCOL     query value and read or execute     success or wait     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​FEATURE_LOCALMACHINE_LOCKDOWN     query value and read or execute     success or wait     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​FEATURE_SECURITYBAND     query value and read or execute     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​FEATURE_RESTRICT_ACTIVEXINSTALL     query value and read or execute     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​FEATURE_VALIDATE_NAVIGATE_URL     query value and read or execute     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​FEATURE_RESTRICT_FILEDOWNLOAD     query value and read or execute     success or wait     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​FEATURE_ADDON_MANAGEMENT     query value and read or execute     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​FEATURE_PROTOCOL_LOCKDOWN     query value and read or execute     success or wait     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​ FEATURE_HTTP_USERNAME_PASSWORD_DISABLE     query value and read or execute     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​FEATURE_SAFE_BINDTOOBJECT     query value and read or execute     success or wait     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​FEATURE_UNC_SAVEDFILECHECK     query value and read or execute     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​ FEATURE_GET_URL_DOM_FILEPATH_UNENCODED     query value and read or execute     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​FEATURE_TABBED_BROWSING     query value and read or execute     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​FEATURE_SSLUX     query value and read or execute     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​FEATURE_DISABLE_NAVIGATION_SOUNDS     query value and read or execute     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​FEATURE_DISABLE_LEGACY_COMPRESSION     query value and read or execute     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​FEATURE_FORCE_ADDR_AND_STATUS     query value and read or execute     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​FEATURE_XMLHTTP     query value and read or execute     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​FEATURE_DISABLE_TELNET_PROTOCOL     query value and read or execute     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​FEATURE_FEEDS     query value and read or execute     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Main\​​FeatureControl\​​FEATURE_BLOCK_INPUT_PROMPTS     query value and read or execute     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​CLSID\​​ {7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\​​InProcServer32     query value and read or execute     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​CLSID\​​ {7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\​​InProcServer32     query value and read or execute     success or wait     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​ZoneMap\​​     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     2
\​​REGISTRY\​​MACHINE\​​Software\​​Policies     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​MACHINE\​​Software     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings     query value and read or execute     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​ZoneMap\​​Ranges\​​     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​ZoneMap\​​ProtocolDefaults\​​     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​ZoneMap\​​Domains\​​     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​MACHINE\​​Software\​​Microsoft\​​Windows\​​CurrentVersion\ ​​Internet Settings\​​ZoneMap\​​Domains\​​     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Windows\​​CurrentVersion\ ​​Internet Settings\​​ZoneMap\​​Domains\​​msn.com     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Windows\​​CurrentVersion\ ​​Internet Settings\​​ZoneMap\​​Domains\​​msn.com\​​related     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​MACHINE\​​Software\​​Policies\​​Microsoft\​​Internet Explorer     query value and read or execute     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ SOFTWARE\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings     query value and read or execute     success or wait     2
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Windows\​​CurrentVersion\ ​​Internet Settings     query value and read or execute     success or wait     2
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Internet Explorer     query value and read or execute     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Internet Explorer\​​Security     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Microsoft\​​Internet Explorer\​​Security     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Zones\​​     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     2
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Zones\​​0     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Zones\​​1     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Zones\​​2     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Zones\​​3     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Zones\​​4     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​ CurrentVersion\​​Internet Settings\​​Zones\​​     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     3
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Zones\​​     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     2
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Zones\​​0     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     4
\​​REGISTRY\​​MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​ CurrentVersion\​​Internet Settings\​​Zones\​​0     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     2
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Zones\​​0     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Zones\​​1     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     3
\​​REGISTRY\​​MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​ CurrentVersion\​​Internet Settings\​​Zones\​​1     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     2
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Zones\​​1     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​ZoneMap\​​     query value and set value and create sub key and enumerate sub key and notify and read or execute and write and read control     success or wait     2
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Zones\​​2     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     3
\​​REGISTRY\​​MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​ CurrentVersion\​​Internet Settings\​​Zones\​​2     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     2
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Zones\​​2     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Zones\​​3     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     3
\​​REGISTRY\​​MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​ CurrentVersion\​​Internet Settings\​​Zones\​​3     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     2
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Zones\​​3     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Zones\​​4     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     3
\​​REGISTRY\​​MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​ CurrentVersion\​​Internet Settings\​​Zones\​​4     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     2
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Zones\​​4     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​ CurrentVersion\​​Internet Settings\​​Lockdown_Zones\​​     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     3
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Lockdown_Zones\​​     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     2
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Lockdown_Zones\​​     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Lockdown_Zones\​​0     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​ CurrentVersion\​​Internet Settings\​​Lockdown_Zones\​​0     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     2
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Lockdown_Zones\​​0     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Lockdown_Zones\​​1     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​ CurrentVersion\​​Internet Settings\​​Lockdown_Zones\​​1     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     2
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Lockdown_Zones\​​1     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Lockdown_Zones\​​2     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​ CurrentVersion\​​Internet Settings\​​Lockdown_Zones\​​2     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     2
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Lockdown_Zones\​​2     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Lockdown_Zones\​​3     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​ CurrentVersion\​​Internet Settings\​​Lockdown_Zones\​​3     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     2
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Lockdown_Zones\​​3     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Lockdown_Zones\​​4     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​ CurrentVersion\​​Internet Settings\​​Lockdown_Zones\​​4     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     2
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​CurrentVersion\​​Internet Settings\​​Lockdown_Zones\​​4     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​ ​CodeIdentifiers     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     2
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​exefile\​​shell\​ ​open     maximum allowed     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Classes\​​exefile\​​shell\​​open     maximum allowed     success or wait     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​exefile\​​shell\​ ​open\​​command     query value and read or execute     object name not found     3
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Classes\​​exefile\​​shell\​​open\​​ command     query value and read or execute     success or wait     3
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​exefile\​​shell\​ ​open\​​command     maximum allowed     object name not found     3
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Policies\​​Explorer\​​ RestrictRun     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​MACHINE\​​Software\​​Microsoft\​​Windows\​​CurrentVersion\ ​​App Paths\​​XUBX.exe     query value and read or execute     object name not found     5
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_Classes\​​exefile\​​shell\​ ​open\​​ddeexec     query value and read or execute     object name not found     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Classes\​​exefile\​​shell\​​open\​​ ddeexec     query value and read or execute     object name not found     1
\​​REGISTRY\​​USER\​​ S-1-5-21-2000478354-1770027372-682003330-500_CLASSES\​​Applications\​​ XUBX.exe     maximum allowed     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Classes\​​Applications\​​XUBX.exe     maximum allowed     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​ShellNoRoam     maximum allowed     success or wait     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​ShellNoRoam\​​MUICache     maximum allowed     success or wait     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​ShellNoRoam\​​MUICache\​​     maximum allowed     success or wait     2
\​​REGISTRY\​​MACHINE\​​Software\​​Microsoft\​​Windows\​​CurrentVersion\ ​​Explorer\​​FileAssociation     query value and read or execute     success or wait     2
\​​Registry\​​MACHINE\​​System\​​CurrentControlSet\​​Control\​​Session Manager\​​AppCertDlls     query value and read or execute     object name not found     1
\​​Registry\​​MACHINE\​​System\​​CurrentControlSet\​​Control\​​Session Manager\​​AppCompatibility     query value and read or execute     success or wait     1
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Image File Execution Options\​​Apphelp.dll     generic read     object name not found     1
HKEY_LOCAL_MACHINE\​​System\​​WPA\​​TabletPC     query value and wow64 64key and wow64 resource and read or execute     object name not found     1
HKEY_LOCAL_MACHINE\​​SYSTEM\​​WPA\​​MediaCenter     query value and wow64 64key and wow64 resource and read or execute     success or wait     1
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​AppCompatFlags\​​Layers     wow64 64key and wow64 resource and generic read     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​AppCompatFlags\​​Layers     wow64 64key and wow64 resource and generic read     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​AppCompatFlags\​​Custom\​​XUBX.exe     wow64 64key and wow64 resource and generic read     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​ ​LevelObjects     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​ ​CodeIdentifiers\​​0\​​Paths     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Policies\​​Microsoft\​​Windows\​​ Safer\​​CodeIdentifiers\​​0\​​Paths\​​ {dda3f824-d8cb-441b-834d-be2efd2c1a33}     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
HKEY_LOCAL_MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​ ​CodeIdentifiers\​​0\​​Hashes     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Policies\​​Microsoft\​​Windows\​​ Safer\​​CodeIdentifiers\​​0\​​Hashes\​​ {349d35ab-37b5-462f-9b89-edd5fbde1328}     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Policies\​​Microsoft\​​Windows\​​ Safer\​​CodeIdentifiers\​​0\​​Hashes\​​ {7fb9cd2e-3076-4df9-a57b-b813f72dbb91}     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Policies\​​Microsoft\​​Windows\​​ Safer\​​CodeIdentifiers\​​0\​​Hashes\​​ {81d1fe15-dd9d-4762-b16d-7c29ddecae3f}     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Policies\​​Microsoft\​​Windows\​​ Safer\​​CodeIdentifiers\​​0\​​Hashes\​​ {94e3e076-8f53-42a5-8411-085bcc18a68d}     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
\​​REGISTRY\​​MACHINE\​​SOFTWARE\​​Policies\​​Microsoft\​​Windows\​​ Safer\​​CodeIdentifiers\​​0\​​Hashes\​​ {dc971ee5-44eb-4fe4-ae2e-b91490411bfc}     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
HKEY_LOCAL_MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​ ​CodeIdentifiers\​​0\​​UrlZones     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​ ​CodeIdentifiers\​​4096\​​Paths     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​ ​CodeIdentifiers\​​4096\​​Hashes     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​ ​CodeIdentifiers\​​4096\​​UrlZones     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​ ​CodeIdentifiers\​​65536\​​Paths     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​ ​CodeIdentifiers\​​65536\​​Hashes     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​ ​CodeIdentifiers\​​65536\​​UrlZones     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​ ​CodeIdentifiers\​​131072\​​Paths     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​ ​CodeIdentifiers\​​131072\​​Hashes     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​ ​CodeIdentifiers\​​131072\​​UrlZones     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​ ​CodeIdentifiers\​​262144\​​Paths     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​ ​CodeIdentifiers\​​262144\​​Hashes     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
HKEY_LOCAL_MACHINE\​​Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​ ​CodeIdentifiers\​​262144\​​UrlZones     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​​CodeIdentifiers\​​0\ ​​Paths     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​​CodeIdentifiers\​​0\ ​​Hashes     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​​CodeIdentifiers\​​0\ ​​UrlZones     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​​CodeIdentifiers\​​ 4096\​​Paths     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​​CodeIdentifiers\​​ 4096\​​Hashes     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​​CodeIdentifiers\​​ 4096\​​UrlZones     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​​CodeIdentifiers\​​ 65536\​​Paths     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​​CodeIdentifiers\​​ 65536\​​Hashes     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​​CodeIdentifiers\​​ 65536\​​UrlZones     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​​CodeIdentifiers\​​ 131072\​​Paths     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​​CodeIdentifiers\​​ 131072\​​Hashes     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​​CodeIdentifiers\​​ 131072\​​UrlZones     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​​CodeIdentifiers\​​ 262144\​​Paths     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​​CodeIdentifiers\​​ 262144\​​Hashes     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​​CodeIdentifiers\​​ 262144\​​UrlZones     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Policies\​​Microsoft\​​Windows\​​Safer\​​CodeIdentifiers     query value and enumerate sub key and notify and read or execute and write and read control     object name not found     1
\​​REGISTRY\​​USER\​​S-1-5-21-2000478354-1770027372-682003330-500\​​ Software\​​Microsoft\​​Windows\​​CurrentVersion\​​Explorer\​​Shell Folders     query value and enumerate sub key and notify and read or execute and write and read control     success or wait     1
HKEY_LOCAL_MACHINE\​​Software\​​Microsoft\​​Windows NT\​​CurrentVersion\​​Image File Execution Options\​​XUBX.exe

And sends your data and passwords to him, or he can watch you type on your computer in real time.
The Following 3 Users Say Thank You to CampStaff For This Useful Post:
D3scene
Welcome to D3scene - probably the best location for all Gamers.

To participate in our friendly environment you have to register. After completing registration you will have full access to all threads and features. We care about members and try to make your stay as pleasant as possible. We are unique with the following feature for members - you will not see a single Advertisement!


The best: registration is completely free. It will not cost you a single penny or harm you in any way. You will lose nothing except 1 minute of your time. So why not register? We would be happy to see you around!
  #2  
Old 04-19-2009, 08:28 AM
jayezor's Avatar
Member

  
Join Date: Apr 2009
Posts: 46
Blog Entries: 1
Thanks: 6
Thanked 2 Times in 2 Posts
Reputation: 18
Rep Power: 1
jayezor is on a distinguished road
Woah i was just about to download the aimbot Nm Ill Cancel Thnx
  #3  
Old 05-06-2009, 03:46 PM
Newbie

  
Join Date: May 2009
Posts: 7
Thanks: 0
Thanked 0 Times in 0 Posts
Reputation: 0
Rep Power: 1
WeZZi is an unknown quantity at this point
Im not gonna download that
  #4  
Old 05-08-2009, 07:29 AM
Newbie

  
Join Date: Apr 2009
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Reputation: 0
Rep Power: 1
alam2200 is an unknown quantity at this point
good
  #5  
Old 05-08-2009, 06:35 PM
Newbie

  
Join Date: Nov 2008
Posts: 8
Thanks: 0
Thanked 0 Times in 0 Posts
Reputation: 0
Rep Power: 1
titti is an unknown quantity at this point
noob
  #6  
Old 05-14-2009, 06:54 PM
Wannabe Member

  
Join Date: May 2009
Posts: 16
Thanks: 0
Thanked 0 Times in 0 Posts
Reputation: 11
Rep Power: 1
dominic1 is on a distinguished road
full of ardamax shit... it's a keylogger.
  #7  
Old 05-31-2009, 10:10 PM
Wannabe Member

  
Join Date: May 2009
Posts: 12
Thanks: 0
Thanked 0 Times in 0 Posts
Reputation: 0
Rep Power: 1
djstathis is an unknown quantity at this point
can i downloaded it and close my avg antivirus?
  #8  
Old 06-27-2009, 07:02 AM
Newbie

  
Join Date: Jun 2009
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Reputation: 0
Rep Power: 1
onighosh is an unknown quantity at this point
thanks campstaff i was gona download it
  #9  
Old 07-01-2009, 04:29 PM
Newbie

  
Join Date: Jul 2009
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Reputation: 0
Rep Power: 1
Gamblerboy is an unknown quantity at this point
Can any help me ? I don't know how to download this....
  #10  
Old 07-05-2009, 09:22 AM
Banned User
  
Join Date: Jun 2009
Posts: 39
Thanks: 1
Thanked 0 Times in 0 Posts
Reputation: 0
Rep Power: 0
ExoDaz is an unknown quantity at this point
will this get u banned?
D3scene
Welcome to D3scene - probably the best location for all Gamers.

To participate in our friendly environment you have to register. After completing registration you will have full access to all threads and features. We care about members and try to make your stay as pleasant as possible. We are unique with the following feature for members - you will not see a single Advertisement!


The best: registration is completely free. It will not cost you a single penny or harm you in any way. You will lose nothing except 1 minute of your time. So why not register? We would be happy to see you around!
Closed Thread
Page 1 of 2 1 2

« lan hack | How to unban?? »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


All times are GMT +1. The time now is 08:40 PM.

Advertise - WoW Hacks, Cheats, Bots - Top
Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.3.0 ©2009, Crawlability, Inc.
vBulletin style developed by Transverse Styles