PUA_INSTALLCORE.GY

Publish date: 22 de febrero de 2018

Análisis realizado por : Byron Jon Gelera

Alias

a variant of Win32/InstallCore.ANQ potentially unwanted (ESET-NOD32)

Plataforma:

Windows

Riesgo general:

Potencial de destrucción:

Potencial de distribución:

Infección divulgada:

Revelación de la información:

Bajo

Medio

High

Crítico

Tipo de malware
Potentially Unwanted Application
Destructivo?
No
Cifrado
In the Wild:
Sí

Resumen y descripción

Puede haberlo instalado manualmente un usuario.

Detalles técnicos

Tamaño del archivo 1,465,784 bytes

Tipo de archivo EXE

Fecha de recepción de las muestras iniciales 22 Feb 2018

Detalles de entrada

Puede haberlo instalado manualmente un usuario.

Instalación

Agrega las carpetas siguientes:

%User Temp%\in{random}
%Program Files%\WinZip

(Nota: %User Temp% es la carpeta Temp del usuario activo, que en el caso de Windows 2000, XP y Server 2003 suele estar en C:\Documents and Settings\{nombre de usuario}\Local Settings\Temp).

. %Program Files% es la carpeta Archivos de programa predeterminada, que suele estar en C:\Archivos de programa).

)

Infiltra los archivos siguientes:

%User Temp%\{random}.log
%User Temp%\ICReinstall_123.exe
%Desktop%\Continue WinZip Installation.lnk
%User Temp%\in{random}\css\ie6_main.css
%User Temp%\in{random}\css\main.css
%User Temp%\in{random}\css\sdk-ui\browse.css
%User Temp%\in{random}\css\sdk-ui\button.css
%User Temp%\in{random}\css\sdk-ui\checkbox.css
%User Temp%\in{random}\css\sdk-ui\images\button-bg.png
%User Temp%\in{random}\css\sdk-ui\images\progress-bg-corner.png
%User Temp%\in{random}\css\sdk-ui\images\progress-bg.png
%User Temp%\in{random}\css\sdk-ui\images\progress-bg2.png
%User Temp%\in{random}\css\sdk-ui\progress-bar.css
%User Temp%\in{random}\csshover3.htc
%User Temp%\in{random}\form.bmp.Mask
%User Temp%\in{random}\images\arrow.png
%User Temp%\in{random}\images\BG.png
%User Temp%\in{random}\images\Close.png
%User Temp%\in{random}\images\Close_Hover.png
%User Temp%\in{random}\images\Color_Button.png
%User Temp%\in{random}\images\Color_Button_Hover.png
%User Temp%\in{random}\images\Grey_Button.png
%User Temp%\in{random}\images\Grey_Button_Hover.png
%User Temp%\in{random}\images\Loader.gif
%User Temp%\in{random}\images\Progress.png
%User Temp%\in{random}\images\ProgressBar.png
%User Temp%\in{random}\images\Welcome_BG.jpg
%User Temp%\in{random}\locale\CS.locale
%User Temp%\in{random}\locale\DE.locale
%User Temp%\in{random}\locale\EN.locale
%User Temp%\in{random}\locale\ES.locale
%User Temp%\in{random}\locale\FR.locale
%User Temp%\in{random}\locale\IT.locale
%User Temp%\in{random}\locale\JA.locale
%User Temp%\in{random}\locale\KO.locale
%User Temp%\in{random}\locale\NL.locale
%User Temp%\in{random}\locale\PT.locale
%User Temp%\in{random}\locale\RU.locale
%User Temp%\in{random}\locale\TW.locale
%User Temp%\in{random}\locale\ZH.locale
%User Temp%\in{random}\wnzpw.dll
%User Temp%\in{random}\bootstrap_37123.html
%ProgramData%\WinZip\ipp.cfg
%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk
%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk
%ProgramData%\Microsoft\Windows\Start Menu\Programs\WinZip 20.5\WinZip 20.5.lnk
%ProgramData%\Microsoft\Windows\Start Menu\WinZip.lnk
%Desktop%\WinZip.lnk
%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk
%ProgramData%\Microsoft\Windows\Start Menu\Update Notifier.lnk
%ProgramData%\Microsoft\Windows\Start Menu\WinZip BG Tools.lnk
%ProgramData%\WinZip\WinZip.addon
%Program Files%\WinZip\WZSHLSTB.DLL
%Program Files%\WinZip\WZCAB3.DLL
%Program Files%\WinZip\WZFILVW32.OCX
%Program Files%\WinZip\WZVINFO32.DLL
%Program Files%\WinZip\WZSHLEX1.DLL
%Program Files%\WinZip\WINZIP32.EXE
%Program Files%\WinZip\WZZPMAIL32.DLL
%Program Files%\WinZip\WZ32.DLL
%Program Files%\WinZip\WZQKPICK32.EXE
%Program Files%\WinZip\WZSEPE32.EXE
%Program Files%\WinZip\WZFLDVW32.OCX
%Program Files%\WinZip\WZCKTREE32.DLL
%Program Files%\WinZip\WZEAY32.DLL
%Program Files%\WinZip\WZMSG.EXE
%Program Files%\WinZip\en-US\MYDOCS.WJF
%Program Files%\WinZip\en-US\wzfldvw32.ocx.mui
%Program Files%\WinZip\en-US\MYFAVS.WJF
%Program Files%\WinZip\en-US\MYE-MAIL.WJF
%Program Files%\WinZip\en-US\MYDSKTOP.WJF
%Program Files%\WinZip\en-US\USRCOMBO.WJF
%Program Files%\WinZip\WZGDIP32.DLL
%Program Files%\WinZip\WZIMGV32.DLL
%Program Files%\WinZip\WZWIA32.DLL
%Program Files%\WinZip\7ZXA32.DLL
%Program Files%\WinZip\LDCdBldr32.dll
%Program Files%\WinZip\VirtCDRDrv32.dll
%Program Files%\WinZip\wzwipe32.exe
%Program Files%\WinZip\WzPreviewer32.exe
%Program Files%\WinZip\en-US\LIBALL.WJF
%Program Files%\WinZip\en-US\LIBPICS.WJF
%Program Files%\WinZip\en-US\LIBDOCS.WJF
%Program Files%\WinZip\en-US\winzip32.exe.mui
%Program Files%\WinZip\en-US\WzPreviewer32.exe.mui
%Program Files%\WinZip\en-US\wzcab64.dll.mui
%Program Files%\WinZip\en-US\wzqkpick32.exe.mui
%Program Files%\WinZip\en-US\wzimgv32.dll.mui
%Program Files%\WinZip\en-US\wzshlx64.dll.mui
%Program Files%\WinZip\en-US\wzcab3.dll.mui
%Program Files%\WinZip\en-US\wzshlex1.dll.mui
%Program Files%\WinZip\en-US\WzWia32.dll.mui
%Program Files%\WinZip\en-US\WzCkTree32.dll.mui
%Program Files%\WinZip\en-US\wzsepe32.exe.mui
%Program Files%\WinZip\en-US\wzfilvw32.ocx.mui
%Program Files%\WinZip\0100WZ.wzconfig
%Program Files%\WinZip\en-US\wzwipe32.exe.mui
%Program Files%\WinZip\en-US\wz32.dll.mui
%Program Files%\WinZip\en-US\wzzpmail32.dll.mui
%Program Files%\WinZip\WzBanner.dll
%Program Files%\WinZip\Utils\WzSysScan\lang.lng
%Program Files%\WinZip\Utils\WzSysScan\WINZIPSSPrivacyProtector.exe
%Program Files%\WinZip\Utils\WzSysScan\KillWINZIPSSProcesses.exe
%Program Files%\WinZip\Utils\WzSysScan\Microsoft.VC90.ATL.manifest
%Program Files%\WinZip\Utils\WzSysScan\MFC90ESP.dll
%Program Files%\WinZip\Utils\WzSysScan\privprotector.ini
%Program Files%\WinZip\Utils\WzSysScan\WINZIPSSSystemCleaner.exe
%Program Files%\WinZip\Utils\WzSysScan\msvcp90.dll
%Program Files%\WinZip\Utils\WzSysScan\wzpsssys.dll
%Program Files%\WinZip\Utils\WzSysScan\MFC90DEU.dll
%Program Files%\WinZip\Utils\WzSysScan\regclean.ini
%Program Files%\WinZip\Utils\WzSysScan\WINZIPSSHelper.dll
%Program Files%\WinZip\Utils\WzSysScan\msvcr90.dll
%Program Files%\WinZip\Utils\WzSysScan\mfc90u.dll
%Program Files%\WinZip\Utils\WzSysScan\MFC90ITA.dll
%Program Files%\WinZip\Utils\WzSysScan\MFC90FRA.dll
%Program Files%\WinZip\Utils\WzSysScan\client.ini
%Program Files%\WinZip\Utils\WzSysScan\Microsoft.VC90.MFC.manifest
%Program Files%\WinZip\Utils\WzSysScan\MFC90JPN.dll
%Program Files%\WinZip\Utils\WzSysScan\sysclean.ini
%Program Files%\WinZip\Utils\WzSysScan\aso.ini
%Program Files%\WinZip\Utils\WzSysScan\atl90.dll
%Program Files%\WinZip\Utils\WzSysScan\asores.dll
%Program Files%\WinZip\Utils\WzSysScan\sqlite3.dll
%Program Files%\WinZip\Utils\WzSysScan\Microsoft.VC90.CRT.manifest
%Program Files%\WinZip\Utils\WzSysScan\MFC90ENU.dll
%Program Files%\WinZip\Utils\WzSysScan\MFC90KOR.dll
%Program Files%\WinZip\Utils\WzSysScan\Microsoft.VC90.MFCLOC.manifest
%Program Files%\WinZip\Utils\WzSysScan\regopt.ini
%Program Files%\WinZip\Utils\WzSysScan\WINZIPSSRegistryOptimizer.exe
%Program Files%\WinZip\Utils\WzSysScan\MFC90CHS.dll
%Program Files%\WinZip\Utils\WzSysScan\asohtm.dll
%Program Files%\WinZip\Utils\WzSysScan\MFC90CHT.dll
%Program Files%\WinZip\Utils\WzSysScan\MFC90ESN.dll
%Program Files%\WinZip\Utils\WzSysScan\WINZIPSS.exe
%Program Files%\WinZip\Utils\WzSysScan\WINZIPSSRegClean.exe
%Program Files%\WinZip\Utils\WzSysScan\xmllite.dll
%Program Files%\WinZip\ULCDRDrv32.dll
%Program Files%\WinZip\WzWXFfbsm32.dll
%Program Files%\WinZip\SMProvider32.dll
%Program Files%\WinZip\en-US\SMProvider32.dll.mui
%Program Files%\WinZip\LdrtBurn32.DLL
%Program Files%\WinZip\LudfWrtr32.DLL
%Program Files%\WinZip\WzWFR32.dll
%Program Files%\WinZip\en-US\WzWFR32.dll.mui
%Program Files%\WinZip\WzWXFivrs32.dll
%Program Files%\WinZip\en-US\WzWXFivrs32.dll.mui
%Program Files%\WinZip\WzWXFd2p32.dll
%Program Files%\WinZip\en-US\WzWXFd2p32.dll.mui
%Program Files%\WinZip\Aspose.Words.xml
%Program Files%\WinZip\Aspose.Words.dll
%Program Files%\WinZip\Aspose.Slides.xml
%Program Files%\WinZip\Aspose.Slides.dll
%Program Files%\WinZip\Aspose.Pdf.xml
%Program Files%\WinZip\Aspose.Pdf.dll
%Program Files%\WinZip\Aspose.Cells.xml
%Program Files%\WinZip\Aspose.Cells.dll
%Program Files%\WinZip\WzWXFwmrk32.dll
%Program Files%\WinZip\en-US\WzWXFwmrk32.dll.mui
%Program Files%\WinZip\WzWXFoned32.dll
%Program Files%\WinZip\WzWXFgdrv32.dll
%Program Files%\WinZip\WzWXFdbox32.dll
%Program Files%\WinZip\System.CoreEx.dll
%Program Files%\WinZip\System.Threading.dll
%Program Files%\WinZip\CloudStoragePicker.dll
%Program Files%\WinZip\CloudStorageService.dll
%Program Files%\WinZip\WINZIP32.exe.config
%Program Files%\WinZip\en-US\CloudStoragePicker.resources.dll
%Program Files%\WinZip\WzWXFlkin32.dll
%Program Files%\WinZip\WzWXFbox32.dll
%Program Files%\WinZip\WzWXFcldme32.dll
%Program Files%\WinZip\en-US\CloudMeService.resources.dll
%Program Files%\WinZip\en-US\ZipShareService.resources.dll
%Program Files%\WinZip\en-US\SugarSyncService.resources.dll
%Program Files%\WinZip\BoxService.dll
%Program Files%\WinZip\CloudMeService.dll
%Program Files%\WinZip\DropboxService.dll
%Program Files%\WinZip\ZipShareService.dll
%Program Files%\WinZip\GoogleDriveService.dll
%Program Files%\WinZip\OneDriveService.dll
%Program Files%\WinZip\SugarSyncService.dll
%Program Files%\WinZip\WzWXFzshare32.dll
%Program Files%\WinZip\WzWXFssync32.dll
%Program Files%\WinZip\WebAuthBroker.exe
%Program Files%\WinZip\WebAuthBroker32.dll
%Program Files%\WinZip\WzWXFtt32.dll
%Program Files%\WinZip\WzExpForSPExtension.exe
%Program Files%\WinZip\CloudStorageService.DesktopExtension.dll
%Program Files%\WinZip\en-US\BoxService.resources.dll
%Program Files%\WinZip\en-US\DropboxService.resources.dll
%Program Files%\WinZip\en-US\GoogleDriveService.resources.dll
%Program Files%\WinZip\en-US\OneDriveService.resources.dll
%Program Files%\WinZip\MediaFireService.dll
%Program Files%\WinZip\en-US\MediaFireService.resources.dll
%Program Files%\WinZip\WzWXFmfire32.dll
%Program Files%\WinZip\IMClient.dll
%Program Files%\WinZip\IMService.dll
%Program Files%\WinZip\WzWXFgtalk32.dll
%Program Files%\WinZip\WzWXFlc32.dll
%Program Files%\WinZip\WzWXFll32.dll
%Program Files%\WinZip\WzWXFln32.dll
%Program Files%\WinZip\WzWXFxmpp32.dll
%Program Files%\WinZip\WzWXFyhm32.dll
%Program Files%\WinZip\LocalService.dll
%Program Files%\WinZip\en-US\IMClient.resources.dll
%Program Files%\WinZip\WzProdAdv.dll
%Program Files%\WinZip\WzWXFFTP32.dll
%Program Files%\WinZip\WzWXFlf32.dll
%Program Files%\WinZip\FTPService.dll
%Program Files%\WinZip\en-US\FTPService.resources.dll
%Program Files%\WinZip\WXFD2P.dll
%Program Files%\WinZip\en-US\WXFD2P.resources.dll
%Program Files%\WinZip\WXFWMRK.dll
%Program Files%\WinZip\en-US\WXFWMRK.resources.dll
%Program Files%\WinZip\WzZEC32.dll
%Program Files%\WinZip\WzWpfCldPicker32.dll
%Program Files%\WinZip\WzDlg32.dll
%Program Files%\WinZip\WzSensor32.dll
%Program Files%\WinZip\WinZipExpressForOffice.dll
%Program Files%\WinZip\en-US\WinZipExpressForOffice.resources.dll
%Program Files%\WinZip\WzPreloader.exe
%Program Files%\WinZip\WzPreloader.exe.config
%Program Files%\WinZip\FAH.exe
%Program Files%\WinZip\FAHConsole.exe
%Program Files%\WinZip\FAHDll32.dll
%Program Files%\WinZip\FAHWindow32.exe
%Program Files%\WinZip\AddinExpress.MSO.2005.dll
%Program Files%\WinZip\AddinExpress.OL.2005.dll
%Program Files%\WinZip\adxloader.dll
%Program Files%\WinZip\adxloader.dll.manifest
%Program Files%\WinZip\adxloader64.dll
%Program Files%\WinZip\adxregistrator.exe
%Program Files%\WinZip\Extensibility.dll
%Program Files%\WinZip\Microsoft.Office.Interop.Word.dll
%Program Files%\WinZip\Microsoft.Office.Interop.PowerPoint.dll
%Program Files%\WinZip\Microsoft.Office.Interop.Excel.dll
%Program Files%\WinZip\Microsoft.Vbe.Interop.dll
%Program Files%\WinZip\Office.dll
%Program Files%\WinZip\UnInstall32.exe
%Program Files%\WinZip\en-US\UnInstall32.exe.mui
%Program Files%\WinZip\WzWXFytb32.dll
%Program Files%\WinZip\WzWXFlh32.dll
%Program Files%\WinZip\WzPrvHand32.dll
%Program Files%\WinZip\WzWXFphrs32.dll
%Program Files%\WinZip\en-US\WzWXFphrs32.dll.mui
%Program Files%\WinZip\WzWXFog32.dll
%Program Files%\WinZip\WzWXFttim32.dll
%Program Files%\WinZip\msvcp140.dll
%Program Files%\WinZip\ToastNotifier.dll
%Program Files%\WinZip\vccorlib140.dll
%Program Files%\WinZip\vcruntime140.dll
%Program Files%\WinZip\WZUpdateNotifier.exe
%Program Files%\WinZip\en-US\WZUpdateNotifier.exe.mui
%Program Files%\WinZip\System.Data.SQLite.dll
%Program Files%\WinZip\SQLite.Interop.dll
%Program Files%\WinZip\en-US\FAH.exe.mui
%Program Files%\WinZip\ipp.dll
%Program Files%\WinZip\RecipientClient.dll
%Program Files%\WinZip\en-US\RecipientClient.resources.dll
%Program Files%\WinZip\WzComAddrBook32.dll
%Program Files%\WinZip\WzAddrgcts32.dll
%Program Files%\WinZip\WzAddrocts32.dll
%Program Files%\WinZip\WzAddrycts32.dll
%Program Files%\WinZip\RecipientService.dll
%Program Files%\WinZip\WzBGTfcdnld32.dll
%Program Files%\WinZip\WzBGTfcdocs32.dll
%Program Files%\WinZip\WzBGTfcpics32.dll
%Program Files%\WinZip\WzBGTrbin32.dll
%Program Files%\WinZip\WzBGTtemp32.dll
%Program Files%\WinZip\WzBGTools.exe
%Program Files%\WinZip\WzBGTools.exe.config
%Program Files%\WinZip\en-US\WzBGTool.resources.dll
%Program Files%\WinZip\WzBGTool.dll
%Program Files%\WinZip\WzBGTWin10Notification.dll
%Program Files%\WinZip\WzWXFlpd32.dll
%Program Files%\WinZip\Interop.PortableDeviceApiLib.dll
%Program Files%\WinZip\Interop.PortableDeviceTypesLib.dll
%Program Files%\WinZip\LocalPortableDeviceService.dll
%Program Files%\WinZip\en-US\LocalPortableDeviceService.resources.dll
%Program Files%\WinZip\WzBGTComServer32.exe

(Nota: %User Temp% es la carpeta Temp del usuario activo, que en el caso de Windows 2000, XP y Server 2003 suele estar en C:\Documents and Settings\{nombre de usuario}\Local Settings\Temp).

. %Desktop% es la carpeta Escritorio del usuario activo, que en el caso de Windows 98 y ME suele estar en C:\Windows\Profiles\{nombre de usuario}\Escritorio, en el caso de Windows NT en C:\WINNT\Profiles\{nombre de usuario}\Escritorio y en el caso de Windows 2000, XP y Server 2003 en C:\Documents and Settings\{nombre de usuario}\Escritorio).

. %Program Files% es la carpeta Archivos de programa predeterminada, que suele estar en C:\Archivos de programa).

)

Otras modificaciones del sistema

Agrega las siguientes entradas de registro como parte de la rutina de instalación:

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip

Agrega las siguientes entradas de registro:

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\fm
shlExt = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
shlExt = 0

HKEY_CURRENT_USER\Software\Nico Mak Computing\
Common\Email\Share
WinZip = ""

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\directories
zDefDir = 0

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\directories
DefDir = %User Profile%\Documents

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\directories
gzExtractTo = 0

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\directories
ExtractTo = %User Profile%\Documents

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\directories
gzAddDir = 0

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\directories
AddDir = %User Profile%\Documents

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\directories
ZipTempRemovableOnly = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\directories
ZipTemp = %User Temp%

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\directories
CheckOutBase = ""

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\fm
shlExt = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\fm
.ZIP = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\fm
.LHA = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\fm
.LZH = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\fm
.TAR = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\fm
.TAZ = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\fm
.TGZ = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\fm
.TZ = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\fm
.GZ = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\fm
.Z = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\fm
.CAB = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\fm
.UU = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\fm
.UUE = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\fm
.XXE = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\fm
.B64 = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\fm
.HQX = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\fm
.BHX = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\fm
.MIM = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\fm
.BZ2 = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\fm
.BZ = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\fm
.TBZ = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\fm
.TBZ2 = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\fm
.RAR = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\fm
assoc = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\ListView
ListFormat1 = 0

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\ListView
FullRowSelect = 0

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\ListView
GridLines = 0

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\ListView
PathMode = 0

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\ListView
ThumbLoadDelay = 500

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\ListView
ThumbX = 94

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\ListView
ThumbY = 94

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\ListView
MaxThumbImgSize = -1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\ListView
Col_Name = 0,L,128,T

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\ListView
Col_Type = 1,L,93,T

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\ListView
Col_Date = 2,L,121,T

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\ListView
Col_Size = 3,R,60,T

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\ListView
Col_Ratio = 4,R,41,T

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\ListView
Col_Packed = 5,R,54,T

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\ListView
Col_CRC = 6,L,0,F

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\ListView
Col_Attrib = 7,L,0,F

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\ListView
Col_Path = 8,L,182,T

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\programs
viewer = %Windows%\NOTEPAD.EXE

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\programs
vviewer = ""

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\Splitter
VPosition = 169

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\Splitter
Enabled = 0

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\ToolBar
Button2 = new,open,favor,add,extra,encrypt,view,check,wiz,mode

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\UpdateCheck
NoUpdateChecking = 0

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\UpdateCheck
Period = 7

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\UpdateCheck
CurrentPeriod = 7

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\UpdateCheck
AskFirst = 0

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\UpdateCheck
AutoMode = 0

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\UpdateCheck
EditFlags = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\WinIni
win32_version = 6.3-11.2

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\WinIni
UZQF = L115

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\winzip
IBS = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\winzip
Setup = 0

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\winzip
Wizard = 0

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\winzip
VersionDate = 3/25/2014

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\winzip
newinstance = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\winzip
AOFF = 0

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\winzip
LastTip = 10000

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\winzip
ShowTips = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\winzip
AltDrag = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\winzip
Adjustable = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\winzip
AlwaysOnTop = 0

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\winzip
ReuseWindows = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\winzip
StoreExtendedTimestamps = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\winzip
StoreUnicodeFilenames = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\winzip
SpanDefault = 0

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\winzip
DialogSplitFactor = 2

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\winzip
ExtractSkipOlder = 0

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\winzip
CheckOutIconOnly = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\winzip
Display = 800,600

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\winzip
Main = 0,25,25,695,351

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\wzshlext
MenuCfgTable = 22222222222220002222

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\wzshlext
DropDialogWinzip = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\wzshlext
DropDialogExplorer = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\wzshlext
MenuBitmaps = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\wzshlext
ShellExtensionSubMenu = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\wzshlext
AddToFolder = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\wzshlext
CabCheckFixed = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\wzshlext
CabCheckRemovable = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\wzshlext
CabCheckOther = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\wzshlext
CommentCheckFixed = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\wzshlext
CommentCheckRemovable = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\wzshlext
CommentCheckOther = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
.ZIP = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
.LHA = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
.LZH = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
.TAR = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
.TAZ = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
.TGZ = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
.TZ = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
.GZ = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
.Z = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
.CAB = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
.UU = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
.UUE = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
.XXE = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
.B64 = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
.HQX = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
.BHX = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
.MIM = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
.BZ2 = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
.BZ = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
.TBZ = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
.TBZ2 = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
.RAR = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
assoc = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
shlExt = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\programs
zip2exe_init = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\programs
viewer = %Windows%\NOTEPAD.EXE

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\programs
zip2exe = %Program Files%\WinZip\WZSEPE32.EXE

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\UpdateCheck
NoUpdateChecking = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\UpdateCheck
Period = 7

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\UpdateCheck
CurrentPeriod = 7

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\UpdateCheck
AskFirst = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\UpdateCheck
AutoMode = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\UpdateCheck
EditFlags = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\WinIni
Setup = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\WinIni
win32_version = 6.3-11.2

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\winzip
IBS = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\winzip
Setup = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\winzip
Wizard = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\winzip
VersionDate = 3/25/2014

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\winzip
newinstance = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\wzshlext
DropDialogWinzip = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\wzshlext
DropDialogExplorer = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\wzshlext
MenuBitmaps = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\wzshlext
ShellExtensionSubMenu = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\wzshlext
AddToFolder = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\wzshlext
CabCheckFixed = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\wzshlext
CabCheckRemovable = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\wzshlext
CabCheckOther = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\wzshlext
CommentCheckFixed = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\wzshlext
CommentCheckRemovable = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\wzshlext
CommentCheckOther = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\wzshlext
MenuCfgTable = 22222222222220002222

HKEY_CURRENT_USER\Software\Nico Mak Computing\
Common\Update Notifier\UpdtMgr000
ProductState = ""

HKEY_CURRENT_USER\Software\Nico Mak Computing\
Common\Update Notifier\UpdtMgr000
ProductExpiration = ""

HKEY_CURRENT_USER\Software\Nico Mak Computing\
File Association Helper
Enabled = 1

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\Tools\WzBGTfcpics
ToolEnabled = 0

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\Tools\WzBGTtemp
ToolEnabled = 0

HKEY_CURRENT_USER\Software\Nico Mak Computing\
Common\Update Notifier\Share
WinZip = ""

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\Tools\WzBGTfcdnld
ToolEnabled = 0

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\Tools\WzBGTfcdocs
ToolEnabled = 0

HKEY_CURRENT_USER\Software\Nico Mak Computing\
WinZip\Tools\WzBGTrbin
ToolEnabled = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\Langs
1033 = en-US

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\Langs
InstalledUILangID = 1033

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip Express\Office\Langs
1033 = en-US

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip Express\Office\Langs
InstalledUILangID = 1033

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
.ISO = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
.ZIPX = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
.IMG = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\fm
.7Z = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\winzip
RunPreLoader = 20

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\winzip
ExtractSkipOlder = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\winzip
DefaultCompressionMethod = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\winzip
ProductCode = {CD95F661-A5C4-44F5-A6AA-ECDD91C24104}

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\winzip
ReuseWindows = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\winzip
ExeBits = 32

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\winzip
Adjustable = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\winzip
CheckOutIconOnly = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\winzip
SpanDefault = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\winzip
AltDrag = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\winzip
Version = 20.5.12118

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\winzip
DialogSplitFactor = 2

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\winzip
AlwaysOnTop = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\winzip
AnimatedBusy = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\WXF\WzWXFzshare\
Default
MaxUploadSizeMB = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\WXF\WzWXFzshare\
Default
WritableRootFolder = \

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\wzshlext
MenuCfgTable = 22222222222222222222

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\WXF\WzWXFbox\
Default
MaxUploadSizeMB = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\WXF\WzWXFbox\
Default
WritableRootFolder = \

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\caution
ErrDelEncrytCaution = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\UpdateCheck
AutoMode = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\UpdateCheck
AskFirst = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip
x-at = lan2

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
File Association Helper
Enabled = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\WXF\WzWXFdbox\
Default
WritableRootFolder = \

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\WXF\WzWXFdbox\
Default
MaxUploadSizeMB = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\WXF\WzWXFcldme\
Default
MaxUploadSizeMB = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\WXF\WzWXFcldme\
Default
WritableRootFolder = \

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\ListView
ListFormat1 = 4

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\ListView
PathMode = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\ListView
GridLines = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\ListView
FullRowSelect = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\programs
vviewer = %Windows%\NOTEPAD.EXE

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\WXF\WzWXFgdrv\
Default
WritableRootFolder = \

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\WXF\WzWXFgdrv\
Default
MaxUploadSizeMB = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\WXF
DefaultMaxParallel = 2

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\WXF\WzWXFssync\
Default
MaxUploadSizeMB = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\WXF\WzWXFssync\
Default
WritableRootFolder = \

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\Statistics
Collect = 1

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\WinIni
win32_version = 6.3-20.5

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\WXF\WzWXFoned\
Default
WritableRootFolder = \

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\WXF\WzWXFoned\
Default
MaxUploadSizeMB = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\Policies
DisableFAH = ""

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\WXF\WzWXFmfire\
Default
WritableRootFolder = \

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\WXF\WzWXFmfire\
Default
MaxUploadSizeMB = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\Statistics
UsageCollectLock = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Nico Mak Computing\
WinZip\Splitter
Enabled = 1

PUA_INSTALLCORE.GY

Resumen y descripción

Detalles técnicos

Recursos

Soporte

Acerca de Trend

Oficina Principal en el País

PUA_INSTALLCORE.GY

Resumen y descripción

Detalles técnicos

Recursos

Soporte

Acerca de Trend

Oficina Principal en el País

América

Medio Oriente & África

Europa

Asia & Pacífico