PWS:Win32/OnLineGames.NJ (Microsoft); PWS-Onlinegames.ex (McAfee); Infostealer.Gampass (Symantec); Trojan-Dropper.Win32.Small.ceh (Kaspersky); Trojan-PSW.Win32.OnLineGames.as (fs) (Sunbelt)

 PLATFORM:

Windows 2000, Windows XP, Windows Server 2003

 OVER ALL RISK RATING:
 REPORTED INFECTION:
 Beeinträchtigung der Systemleistung ::
 INFORMATION EXPOSURE:
Low
Medium
High
Critical

  • Threat Type:
    Spyware

  • Destructiveness:
    No

  • Encrypted:
     

  • In the wild::
    Yes

  OVERVIEW

Elimina archivos para impedir la ejecución correcta de programas y aplicaciones.

Este malware se elimina tras la ejecución.

  TECHNICAL DETAILS

File size: 51,828 bytes
File type: EXE
Memory resident: No
INITIAL SAMPLES RECEIVED DATE: 10 października 2012

Otras modificaciones del sistema

Elimina los archivos siguientes:

  • %System%\198FF3D8.cfg
  • %System%\198FF3D8.dll
  • %User Temp%\liv1.tmp

(Nota: %System% es la carpeta del sistema de Windows, que en el caso de Windows 98 y ME suele estar en C:\Windows\System, en el caso de Windows NT y 2000 en C:\WINNT\System32 y en el caso de Windows XP y Server 2003 en C:\Windows\System32).

. %User Temp% es la carpeta Temp del usuario activo, que en el caso de Windows 2000, XP y Server 2003 suele estar en C:\Documents and Settings\{nombre de usuario}\Local Settings\Temp).

)

Agrega las siguientes entradas de registro como parte de la rutina de instalación:

HKEY_CLASSES_ROOT\CLsID\{198FF3D8-56F1-466B-A36F-F9C28B43E440}\
InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}

Agrega las siguientes entradas de registro:

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{198FF3D8-56F1-466B-A36F-F9C28B43E440}\InprocServer32
ThreadingModel = "Apartment"

Elimina las siguientes claves de registro:

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Advanced\Folder\ClassicViewState

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Advanced\Folder\ControlPanelInMyComputer

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Advanced\Folder\DesktopProcess\
Policy\SeparateProcess

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Advanced\Folder\DesktopProcess\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Advanced\Folder\DesktopProcess

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Advanced\Folder\DisableThumbCache

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Advanced\Folder\FolderSizeTip

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Advanced\Folder\FriendlyTree

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Advanced\Folder\Hidden\
NOHIDDEN

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Advanced\Folder\Hidden\
SHOWALL

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Advanced\Folder\Hidden

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Advanced\Folder\HideFileExt

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Advanced\Folder\NetCrawler\
Policy\NoNetCrawling

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Advanced\Folder\NetCrawler\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Advanced\Folder\NetCrawler

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Advanced\Folder\PersistBrowsers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Advanced\Folder\ShowCompColor

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Advanced\Folder\ShowFullPath

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Advanced\Folder\ShowFullPathAddress

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Advanced\Folder\ShowInfoTip

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Advanced\Folder\SimpleSharing

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Advanced\Folder\SuperHidden\
Policy\DontShowSuperHidden

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Advanced\Folder\SuperHidden\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Advanced\Folder\SuperHidden

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Advanced\Folder\WebViewBarricade

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Advanced\Folder

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Advanced

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AppKey\15

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AppKey\16

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AppKey\17

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AppKey\18

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AppKey\7

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AppKey

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Associations

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\CancelAutoplay\CLSID

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\CancelAutoplay\Files

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\CancelAutoplay

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\ContentTypeHandlers\MusicFilesContentHandler\
EventHandlers\MediaArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\ContentTypeHandlers\MusicFilesContentHandler\
EventHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\ContentTypeHandlers\MusicFilesContentHandler\
FriendlyName

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\ContentTypeHandlers\MusicFilesContentHandler

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\ContentTypeHandlers\PicturesContentHandler\
EventHandlers\DeviceArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\ContentTypeHandlers\PicturesContentHandler\
EventHandlers\MediaArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\ContentTypeHandlers\PicturesContentHandler\
EventHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\ContentTypeHandlers\PicturesContentHandler\
FriendlyName

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\ContentTypeHandlers\PicturesContentHandler

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\ContentTypeHandlers\VideoFilesContentHandler\
EventHandlers\MediaArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\ContentTypeHandlers\VideoFilesContentHandler\
EventHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\ContentTypeHandlers\VideoFilesContentHandler\
FriendlyName

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\ContentTypeHandlers\VideoFilesContentHandler

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\ContentTypeHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\ContentTypeSniffers\MusicFilesContentSniffer

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\ContentTypeSniffers\PicturesContentSniffer

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\ContentTypeSniffers\VideoFilesContentSniffer

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\ContentTypeSniffers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceClasses\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceClasses\{CC7BFB41-F175-11D1-A392-00E0291F3959}

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceClasses

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceGroups\Camera

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceGroups\CellPhone

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceGroups\CFStorage

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceGroups\ClikDrive

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceGroups\FaxDevice

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceGroups\ImageMate

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceGroups\JazDrive

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceGroups\MemoryStick

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceGroups\MemoryStick-MG

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceGroups\OpticalDrive

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceGroups\PCMCIAStorage

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceGroups\PocketPC

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceGroups\PortableAudioPlayer

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceGroups\Printer

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceGroups\Scanner

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceGroups\SMStorage

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceGroups\TapeDrive

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceGroups\VideoCamera

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceGroups\ZipDrive100

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceGroups\ZipDrive250

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceGroups

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\CompaqPA1Handler\
EventHandlers\DeviceArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\CompaqPA1Handler\
EventHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\CompaqPA1Handler

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\CreativeNomadIIcHandler\
EventHandlers\DeviceArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\CreativeNomadIIcHandler\
EventHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\CreativeNomadIIcHandler

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\CreativeNomadIIHandler\
EventHandlers\DeviceArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\CreativeNomadIIHandler\
EventHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\CreativeNomadIIHandler

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\CreativeNomadIIMGHandler\
EventHandlers\DeviceArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\CreativeNomadIIMGHandler\
EventHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\CreativeNomadIIMGHandler

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\CreativeNomadJukeboxHandler\
EventHandlers\DeviceArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\CreativeNomadJukeboxHandler\
EventHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\CreativeNomadJukeboxHandler

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\DigisetteDuo64Handler\
EventHandlers\DeviceArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\DigisetteDuo64Handler\
EventHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\DigisetteDuo64Handler

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\DLinkDMP110Handler\
EventHandlers\DeviceArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\DLinkDMP110Handler\
EventHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\DLinkDMP110Handler

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\GenericVolumeHandler\
ContentTypes

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\GenericVolumeHandler\
EventHandlers\DeviceArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\GenericVolumeHandler\
EventHandlers\MediaArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\GenericVolumeHandler\
EventHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\GenericVolumeHandler

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\Intel3000Handler\
EventHandlers\DeviceArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\Intel3000Handler\
EventHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\Intel3000Handler

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\IntelPocketConcertHandler\
EventHandlers\DeviceArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\IntelPocketConcertHandler\
EventHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\IntelPocketConcertHandler

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\IomegaHipZipHandler\
EventHandlers\DeviceArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\IomegaHipZipHandler\
EventHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\IomegaHipZipHandler

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\NikepsaplayHandler\
EventHandlers\DeviceArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\NikepsaplayHandler\
EventHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\NikepsaplayHandler

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\Ravemp2300Handler\
EventHandlers\DeviceArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\Ravemp2300Handler\
EventHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\Ravemp2300Handler

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\Rio600Handler\
EventHandlers\DeviceArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\Rio600Handler\
EventHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\Rio600Handler

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\Rio800Handler\
EventHandlers\DeviceArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\Rio800Handler\
EventHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\Rio800Handler

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\RioOneHandler\
EventHandlers\DeviceArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\RioOneHandler\
EventHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\RioOneHandler

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\VideoCameraDeviceHandler\
EventHandlers\DeviceArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\VideoCameraDeviceHandler\
EventHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers\VideoCameraDeviceHandler

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\DeviceHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\EventHandlers\AutorunINFLegacyArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\EventHandlers\CompaqPA1Arrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\EventHandlers\CreativeNomadIIArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\EventHandlers\CreativeNomadIIcArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\EventHandlers\CreativeNomadIIMGArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\EventHandlers\CreativeNomadJukeboxArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\EventHandlers\DigisetteDuo64Arrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\EventHandlers\DLinkDMP110Arrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\EventHandlers\GenericVolumeArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\EventHandlers\HandleCDBurningOnArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\EventHandlers\Intel3000Arrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\EventHandlers\IntelPocketConcertArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\EventHandlers\IomegaHipZipArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\EventHandlers\MixedContentOnArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\EventHandlers\NikepsaplayArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\EventHandlers\PlayCDAudioOnArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\EventHandlers\PlayDVDMovieOnArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\EventHandlers\PlayMusicFilesOnArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\EventHandlers\PlayVideoFilesOnArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\EventHandlers\Ravemp2300Arrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\EventHandlers\Rio600Arrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\EventHandlers\Rio800Arrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\EventHandlers\RioOneArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\EventHandlers\ShowPicturesOnArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\EventHandlers\VideoCameraArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\EventHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\Handlers\MSCDBurningOnArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\Handlers\MSOpenFolder

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\Handlers\MSPlayCDAudioOnArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\Handlers\MSPlayDVDMovieOnArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\Handlers\MSPlayMediaOnArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\Handlers\MSPrintPicturesOnArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\Handlers\MSPromptEachTime

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\Handlers\MSPromptEachTimeNoContent

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\Handlers\MSRipCDAudioOnArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\Handlers\MSShowPicturesOnArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\Handlers\MSTakeNoAction

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\Handlers\MSVideoCameraArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\Handlers\MSWiaEventHandler

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\Handlers\MSWMDMHandler

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\Handlers\MSWMPBurnCDOnArrival

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers\Handlers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
AutoplayHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
BitBucket

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
BrowseNewProcess

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Browser Helper Objects

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
CD Burning\AudioBurnHandlers\{8dd448e6-c188-4aed-af92-44956194eb1f}

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
CD Burning\AudioBurnHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
CD Burning\ExcludedFS

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
CD Burning

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
ControlPanel\Flags

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
ControlPanel\NameSpace\Accessibility_Options

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
ControlPanel\NameSpace\Add-Remove_Programs

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
ControlPanel\NameSpace\Date-Time

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
ControlPanel\NameSpace\Dialing_Options

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
ControlPanel\NameSpace\Display_Properties

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
ControlPanel\NameSpace\Internet_Options

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
ControlPanel\NameSpace\Printers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
ControlPanel\NameSpace\{0DF44EAA-FF21-4412-828E-260A8728E7F1}

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
ControlPanel\NameSpace\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF}

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
ControlPanel\NameSpace\{7007ACC7-3202-11D1-AAD2-00805FC1270E}

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
ControlPanel\NameSpace\{78CB147A-98EA-4AA6-B0DF-C8681F69341C}

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
ControlPanel\NameSpace\{D20EA4E1-3957-11d2-A40B-0C5020524152}

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
ControlPanel\NameSpace\{D20EA4E1-3957-11d2-A40B-0C5020524153}

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
ControlPanel\NameSpace\{D6277990-4C6A-11CF-8D87-00AA0060F5BF}

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
ControlPanel\NameSpace\{E211B736-43FD-11D1-9EFB-0000F8757FCD}

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
ControlPanel\NameSpace

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
ControlPanel

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Desktop\NameSpace\{1f4de370-d627-11d1-ba4f-00a0c91eedba}

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Desktop\NameSpace\{450D8FBA-AD25-11D0-98A8-0800361B1103}

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Desktop\NameSpace\{645FF040-5081-101B-9F08-00AA002F954E}

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Desktop\NameSpace\{e17d4fc0-5564-11d1-83f2-00a0c90dc849}

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Desktop\NameSpace

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Desktop

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
DocFolderPaths

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
FileAssociation

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
FindExtensions\ShellFindInDirectory

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
FindExtensions\Static\ShellSearch\
0\DefaultIcon

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
FindExtensions\Static\ShellSearch\
0\HelpText

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
FindExtensions\Static\ShellSearch\
0\SearchGUID\UrlNavNew

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
FindExtensions\Static\ShellSearch\
0\SearchGUID

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
FindExtensions\Static\ShellSearch\
0

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
FindExtensions\Static\ShellSearch\
1\DefaultIcon

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
FindExtensions\Static\ShellSearch\
1\HelpText

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
FindExtensions\Static\ShellSearch\
1\SearchGUID\UrlNavNew

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
FindExtensions\Static\ShellSearch\
1\SearchGUID

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
FindExtensions\Static\ShellSearch\
1

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
FindExtensions\Static\ShellSearch\
2\DefaultIcon

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
FindExtensions\Static\ShellSearch\
2\HelpText

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
FindExtensions\Static\ShellSearch\
2\SearchGUID

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
FindExtensions\Static\ShellSearch\
2

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
FindExtensions\Static\ShellSearch

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
FindExtensions\Static\WabFind\
0\DefaultIcon

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
FindExtensions\Static\WabFind\
0

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
FindExtensions\Static\WabFind

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
FindExtensions\Static\WebSearch\
0\DefaultIcon

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
FindExtensions\Static\WebSearch\
0\HelpText

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
FindExtensions\Static\WebSearch\
0

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
FindExtensions\Static\WebSearch

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
FindExtensions\Static

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
FindExtensions

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
HideDesktopIcons\ClassicStartMenu

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
HideDesktopIcons\NewStartPanel

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
HideDesktopIcons

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
HideMyComputerIcons

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
MyComputer\BackupPath

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
MyComputer\cleanuppath

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
MyComputer\DefragPath

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
MyComputer\NameSpace\Controls

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
MyComputer\NameSpace\DelegateFolders\
{59031a47-3f72-44a7-89c5-5595fe6b30ee}

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
MyComputer\NameSpace\DelegateFolders

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
MyComputer\NameSpace

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
MyComputer

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
NetworkCrawler\Objects\WorkgroupCrawler

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
NetworkCrawler\Objects

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
NetworkCrawler

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
NetworkNeighborhood\NameSpace\DelegateFolders\
{9DB7A13C-F208-4981-8353-73CC61AE2783}

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
NetworkNeighborhood\NameSpace\DelegateFolders

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
NetworkNeighborhood\NameSpace\{2728520d-1ec8-4c68-a551-316b684c4ea7}

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
NetworkNeighborhood\NameSpace\{3c5c43a3-9ce9-4a9b-9699-2ac0cf6cc4bf}

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
NetworkNeighborhood\NameSpace\{D4480A50-BA28-11d1-8E75-00C04FA31A86}

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
NetworkNeighborhood\NameSpace

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
NetworkNeighborhood

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
NewShortcutHandlers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
PublishingWizard\InternetPhotoPrinting

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
PublishingWizard

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
RecentDocs

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
RemoteComputer\NameSpace\{2227A280-3AEA-1069-A2DE-08002B30309D}

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
RemoteComputer\NameSpace\{D6277990-4C6A-11CF-8D87-00AA0060F5BF}

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
RemoteComputer\NameSpace

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
RemoteComputer

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
SharedTaskScheduler

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Shell Folders

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
ShellExecuteHooks

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
ShellIconOverlayIdentifiers\Offline Files

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
ShellIconOverlayIdentifiers

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\Policy\NoChangeStartMenu

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\AdminTools

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\CascadeControlPanel\
Policy\NoControlPanel

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\CascadeControlPanel\
Policy\NoSetFolders

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\CascadeControlPanel\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\CascadeControlPanel

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\CascadeMyDocuments\
Policy\NoSMMyDocs

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\CascadeMyDocuments\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\CascadeMyDocuments

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\CascadeMyPictures\
Policy\NoSMMyPictures

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\CascadeMyPictures\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\CascadeMyPictures

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\CascadePrinters\
Policy\NoSetFolders

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\CascadePrinters\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\CascadePrinters

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\IntelliMenus\
Policy\IntelliMenus

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\IntelliMenus\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\IntelliMenus

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\NetConnect\
Policy\NoNetworkConnections

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\NetConnect\
Policy\NoSetFolders

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\NetConnect\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\NetConnect

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\SmallIcons

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\StartMenuChange\
Policy\NoChangeStartMenu

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\StartMenuChange\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\StartMenuChange

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\StartMenuFavorites\
Policy\NoFavoritesMenu

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\StartMenuFavorites\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\StartMenuFavorites

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\StartMenuLogoff\
Policy\ForceStartMenuLogoff

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\StartMenuLogoff\
Policy\LogonType

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\StartMenuLogoff\
Policy\StartMenuLogoff

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\StartMenuLogoff\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\StartMenuLogoff

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\StartMenuRun\
Policy\NoRun

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\StartMenuRun\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\StartMenuRun

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu\StartMenuScrollPrograms

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartMenu

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ControlPanel\
Hide

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ControlPanel\
Menu

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ControlPanel\
Open

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ControlPanel\
Policy\NoControlPanel

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ControlPanel\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ControlPanel

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\EnableDragDrop\
Policy\NoChangeStartMenu

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\EnableDragDrop\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\EnableDragDrop

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\Favorites\
Policy\NoFavoritesMenu

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\Favorites\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\Favorites

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\MyComp\
Hide

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\MyComp\
Menu

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\MyComp\
Open

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\MyComp\
Policy\{20D04FE0-3AEA-1069-A2D8-08002B30309D}

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\MyComp\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\MyComp

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\MyDocs\
Hide

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\MyDocs\
Menu

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\MyDocs\
Open

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\MyDocs\
Policy\NoSMMyDocs

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\MyDocs\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\MyDocs

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\MyMusic\
Hide

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\MyMusic\
Menu

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\MyMusic\
Open

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\MyMusic\
Policy\NoStartMenuMyMusic

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\MyMusic\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\MyMusic

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\MyPics\
Hide

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\MyPics\
Menu

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\MyPics\
Open

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\MyPics\
Policy\NoSMMyPictures

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\MyPics\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\MyPics

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\NetConn\
Hide

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\NetConn\
Menu

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\NetConn\
Open

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\NetConn\
Policy\NoNetworkConnections

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\NetConn\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\NetConn

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ShowAdminTools\
Both

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ShowAdminTools\
Hide

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ShowAdminTools\
Menu

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ShowAdminTools

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ShowHelp\
Policy\NoSMHelp

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ShowHelp\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ShowHelp

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ShowNetPlaces\
Policy\NoStartMenuNetworkPlaces

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ShowNetPlaces\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ShowNetPlaces

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ShowOEMLink\
Policy\NoOEMLinkInstalled

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ShowOEMLink\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ShowOEMLink

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ShowPrinters\
Policy\NoSetFolders

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ShowPrinters\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ShowPrinters

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ShowRun\
Policy\NoRun

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ShowRun\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ShowRun

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ShowSearch\
Policy\NoFind

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ShowSearch\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ShowSearch

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ShowSetProgramAccessAndDefaults\
Policy\NoSMConfigurePrograms

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ShowSetProgramAccessAndDefaults\
Policy

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\ShowSetProgramAccessAndDefaults

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel\StartMenuScrollPrograms

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu\StartPanel

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
StartMenu

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Streams\Desktop

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Streams

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
TemplateRegistry

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
Tips

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
User Shell Folders

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VisualEffects\AnimateMinMax

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VisualEffects\ComboBoxAnimation

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VisualEffects\CursorShadow

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VisualEffects\DragFullWindows

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VisualEffects\DropShadow

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VisualEffects\FontSmoothing

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VisualEffects\ListBoxSmoothScrolling

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VisualEffects\ListviewAlphaSelect

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VisualEffects\ListviewShadow

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VisualEffects\ListviewWatermark

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VisualEffects\MenuAnimation

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VisualEffects\SelectionFade

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VisualEffects\TaskbarAnimations

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VisualEffects\Themes

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VisualEffects\TooltipAnimation

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VisualEffects\WebView

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VisualEffects

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VolumeCaches\Active Setup Temp Folders

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VolumeCaches\Compress old files

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VolumeCaches\Content Indexer Cleaner

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VolumeCaches\Downloaded Program Files

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VolumeCaches\Internet Cache Files

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VolumeCaches\Memory Dump Files

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VolumeCaches\Microsoft_Event_Reporting_2.0_Temp_Files

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VolumeCaches\Offline Files

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VolumeCaches\Offline Pages Files

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VolumeCaches\Old ChkDsk Files

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VolumeCaches\Recycle Bin

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VolumeCaches\Remote Desktop Cache Files

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VolumeCaches\Setup Log Files

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VolumeCaches\System Restore

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VolumeCaches\Temporary Files

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VolumeCaches\Temporary Offline Files

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VolumeCaches\Uninstall Backup Image

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VolumeCaches\WebClient and WebPublisher Cache

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
VolumeCaches

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
WebView\TemplateMacros\BACKGROUNDIMAGE

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
WebView\TemplateMacros\LOGOLINE

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
WebView\TemplateMacros

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
WebView

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
WindowsUpdate

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
WMPInfo\FileExts

HKEY_LOCAL_MACHINE\SOFTWARE\{9184057B-D51B-4C2A-B779-EB4F548E9FDA}\
WMPInfo

Rutina de infiltración

Infiltra los archivos siguientes:

  • %System%\b770ca2.drv

(Nota: %System% es la carpeta del sistema de Windows, que en el caso de Windows 98 y ME suele estar en C:\Windows\System, en el caso de Windows NT y 2000 en C:\WINNT\System32 y en el caso de Windows XP y Server 2003 en C:\Windows\System32).

)

Otros detalles

Este malware se elimina tras la ejecución.

  SOLUTION

Minimum scan engine: 9.200

Step 1

Los usuarios de Windows ME y XP, antes de llevar a cabo cualquier exploración, deben comprobar que tienen desactivada la opción Restaurar sistema para permitir la exploración completa del equipo.

Step 2

Eliminar esta clave del Registro

[ learnMore ]

Importante: si modifica el Registro de Windows incorrectamente, podría hacer que el sistema funcione mal de manera irreversible. Lleve a cabo este paso solo si sabe cómo hacerlo o si puede contar con ayuda de su administrador del sistema. De lo contrario, lea este artículo de Microsoft antes de modificar el Registro del equipo.

  • In HKEY_CLASSES_ROOT\CLsID\{198FF3D8-56F1-466B-A36F-F9C28B43E440}
    • InprocServer32
  • In HKEY_LOCAL_MACHINE\SOFTWARE
    • {9184057B-D51B-4C2A-B779-EB4F548E9FDA}

Step 3

Eliminar este valor del Registro

[ learnMore ]

Importante: si modifica el Registro de Windows incorrectamente, podría hacer que el sistema funcione mal de manera irreversible. Lleve a cabo este paso solo si sabe cómo hacerlo o si puede contar con ayuda de su administrador del sistema. De lo contrario, lea este artículo de Microsoft antes de modificar el Registro del equipo.

  • In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{198FF3D8-56F1-466B-A36F-F9C28B43E440}\InprocServer32
    • ThreadingModel = "Apartment"

Step 4

Buscar y eliminar este archivo

[ learnMore ]
Puede que algunos de los archivos del componente estén ocultos. Asegúrese de que tiene activada la casilla Buscar archivos y carpetas ocultos en la opción Más opciones avanzadas para que el resultado de la búsqueda incluya todos los archivos y carpetas ocultos.
  • %System%\b770ca2.drv

Step 5

Explorar el equipo con su producto de Trend Micro para eliminar los archivos detectados como TSPY_ONGAME.SMG En caso de que el producto de Trend Micro ya haya limpiado, eliminado o puesto en cuarentena los archivos detectados, no serán necesarios más pasos. Puede optar simplemente por eliminar los archivos en cuarentena. Consulte esta página de Base de conocimientos para obtener más información.


Did this description help? Tell us how we did.