Page 2 of 4 FirstFirst 1234 LastLast
Results 16 to 30 of 48
http://idgs.in/690454
  1. #16
    YUKAY_HN_VAMPS's Avatar
    Join Date
    Jun 2011
    Location
    彼女の心
    Posts
    6,496
    Points
    4,369.54
    Thanks: 54 / 56 / 43

    Default

    Quote Originally Posted by sltg-indopahit View Post
    aduh.. itu salah besar gan...
    gw aja pake windows 7 ultimate lancar jaya kok..
    bener ultimate gan ??

    ada 7 soalnya

    1. Windows 7 Ultimate

    2. Windows 7 Professional

    3. Windows 7 Enterprise

    4. Windows 7 Home Premium

    5. Windows 7 Home Basic

    6. Windows 7 Starter

    SUMBER
    Ψ My Life, My Rules Ψ

  2. Hot Ad
  3. #17
    -Sakurazuka-'s Avatar
    Join Date
    Feb 2013
    Location
    Depok
    Posts
    1,202
    Points
    2,155.66
    Thanks: 12 / 17 / 16

    Default

    Quote Originally Posted by sltg-indopahit View Post
    aduh.. itu salah besar gan...
    gw aja pake windows 7 ultimate lancar jaya kok..
    ya tergantung anti virusnya gan
    kalo gue sih langsung kedetek di laptop gue hehehe jadi ga bisa pake warkey

  4. #18
    YUKAY_HN_VAMPS's Avatar
    Join Date
    Jun 2011
    Location
    彼女の心
    Posts
    6,496
    Points
    4,369.54
    Thanks: 54 / 56 / 43

    Default

    sbnrnya bukan virus itu gan
    bisa di exception gan
    pake apa antivirusnya ??
    Avira si payung merah ??
    Ψ My Life, My Rules Ψ

  5. #19
    -Sakurazuka-'s Avatar
    Join Date
    Feb 2013
    Location
    Depok
    Posts
    1,202
    Points
    2,155.66
    Thanks: 12 / 17 / 16

    Default

    pake mc afee brooo hehehe

  6. #20

    Join Date
    Jan 2008
    Location
    www.indogamers.com
    Posts
    1,058
    Points
    -68.50
    Thanks: 124 / 394 / 279

    Default

    Quote Originally Posted by YUKAY_HN_VAMPS View Post
    oh ie g bs
    sorry sorry, gw cek cuma smp countdown, eh trnyata g bs
    :ag-haha:

    nih yg bnr, tp kebaca virus...
    http://www.mediafire.com/download/9f...arKey68_EN.zip

    monggo di bedah
    problemnya itu2 mlu, stuck...
    g bs pake tinker jadinya gw
    USE AT YOUR OWN RISK!!

    gua test, warkey tersebut melakukan aktifitas koneksi internet secara diam2 TANPA IJIN



    warkey tersebut juga mendownload konten secara diam2 TANPA IJIN
    dikomp gua konten tersebut ada di C:\Users\maphack_user\AppData\Local\Microsoft\Wind ows\Temporary Internet Files\Content.IE5

    itu yang gua test sendiri






    test hasil virustotal.com :
    https://www.virustotal.com/en/file/5...is/1393727379/

  7. #21

    Join Date
    Jan 2008
    Location
    www.indogamers.com
    Posts
    1,058
    Points
    -68.50
    Thanks: 124 / 394 / 279

    Default

    test hasil "bedah" dr.rezon
    Code:
        Analysis Report for WarKey.exe
                       MD5: e98c70a5ead9a30feed3612fb4321d2e
    
    
    
        Table of Contents
    
    - General information
    - WarKey.exe
      a) Registry Activities
      b) File Activities
      c) Network Activities
      d) Other Activities
    
    
        1. General Information
    
            Time needed:        176 s
            Termination reason: All tracked processes have exited
            Program version:    1.76.3886
    
    
    
        WarKey.exe
    
        General information about this executable
    
            Analysis Reason: Primary Analysis Subject
            Filename:        WarKey.exe
            MD5:             e98c70a5ead9a30feed3612fb4321d2e
            SHA-1:           3af8020b624cbd9b7692f4f2b9645e37a4490652
            File Size:       151552 Bytes
            Command Line:    "C:\WarKey.exe"
            Process-status
            at analysis end: dead
            Exit Code:       0
    
    
        Load-time Dlls
    
            Module Name: [ C:\WINDOWS\system32\ntdll.dll ],
                   Base Address: [0x7C900000 ], Size: [0x000AF000 ]
            Module Name: [ C:\WINDOWS\system32\kernel32.dll ],
                   Base Address: [0x7C800000 ], Size: [0x000F6000 ]
            Module Name: [ C:\WINDOWS\system32\MSVBVM60.DLL ],
                   Base Address: [0x73420000 ], Size: [0x00153000 ]
            Module Name: [ C:\WINDOWS\system32\USER32.dll ],
                   Base Address: [0x7E410000 ], Size: [0x00091000 ]
            Module Name: [ C:\WINDOWS\system32\GDI32.dll ],
                   Base Address: [0x77F10000 ], Size: [0x00049000 ]
            Module Name: [ C:\WINDOWS\system32\ADVAPI32.dll ],
                   Base Address: [0x77DD0000 ], Size: [0x0009B000 ]
            Module Name: [ C:\WINDOWS\system32\RPCRT4.dll ],
                   Base Address: [0x77E70000 ], Size: [0x00092000 ]
            Module Name: [ C:\WINDOWS\system32\Secur32.dll ],
                   Base Address: [0x77FE0000 ], Size: [0x00011000 ]
            Module Name: [ C:\WINDOWS\system32\ole32.dll ],
                   Base Address: [0x774E0000 ], Size: [0x0013D000 ]
            Module Name: [ C:\WINDOWS\system32\msvcrt.dll ],
                   Base Address: [0x77C10000 ], Size: [0x00058000 ]
            Module Name: [ C:\WINDOWS\system32\OLEAUT32.dll ],
                   Base Address: [0x77120000 ], Size: [0x0008B000 ]
    
    
        Run-time Dlls
    
            Module Name: [ C:\WINDOWS\system32\xpsp2res.dll ],
                   Base Address: [0x01480000 ], Size: [0x002C5000 ]
            Module Name: [ C:\WINDOWS\system32\UxTheme.dll ],
                   Base Address: [0x5AD70000 ], Size: [0x00038000 ]
            Module Name: [ C:\WINDOWS\system32\NETAPI32.dll ],
                   Base Address: [0x5B860000 ], Size: [0x00055000 ]
            Module Name: [ C:\WINDOWS\system32\hnetcfg.dll ],
                   Base Address: [0x662B0000 ], Size: [0x00058000 ]
            Module Name: [ C:\WINDOWS\system32\shdoclc.dll ],
                   Base Address: [0x71800000 ], Size: [0x00088000 ]
            Module Name: [ C:\WINDOWS\system32\mswsock.dll ],
                   Base Address: [0x71A50000 ], Size: [0x0003F000 ]
            Module Name: [ C:\WINDOWS\System32\wshtcpip.dll ],
                   Base Address: [0x71A90000 ], Size: [0x00008000 ]
            Module Name: [ C:\WINDOWS\system32\WS2HELP.dll ],
                   Base Address: [0x71AA0000 ], Size: [0x00008000 ]
            Module Name: [ C:\WINDOWS\system32\WS2_32.dll ],
                   Base Address: [0x71AB0000 ], Size: [0x00017000 ]
            Module Name: [ C:\WINDOWS\system32\wsock32.dll ],
                   Base Address: [0x71AD0000 ], Size: [0x00009000 ]
            Module Name: [ C:\WINDOWS\system32\sensapi.dll ],
                   Base Address: [0x722B0000 ], Size: [0x00005000 ]
            Module Name: [ C:\WINDOWS\system32\msls31.dll ],
                   Base Address: [0x746C0000 ], Size: [0x00027000 ]
            Module Name: [ C:\WINDOWS\system32\MSCTF.dll ],
                   Base Address: [0x74720000 ], Size: [0x0004C000 ]
            Module Name: [ C:\WINDOWS\system32\RichEd20.dll ],
                   Base Address: [0x74E30000 ], Size: [0x0006D000 ]
            Module Name: [ C:\WINDOWS\system32\CRYPTUI.dll ],
                   Base Address: [0x754D0000 ], Size: [0x00080000 ]
            Module Name: [ C:\WINDOWS\system32\MLANG.dll ],
                   Base Address: [0x75CF0000 ], Size: [0x00091000 ]
            Module Name: [ C:\WINDOWS\system32\USERENV.dll ],
                   Base Address: [0x769C0000 ], Size: [0x000B4000 ]
            Module Name: [ C:\WINDOWS\system32\WINMM.dll ],
                   Base Address: [0x76B40000 ], Size: [0x0002D000 ]
            Module Name: [ C:\WINDOWS\system32\PSAPI.DLL ],
                   Base Address: [0x76BF0000 ], Size: [0x0000B000 ]
            Module Name: [ C:\WINDOWS\system32\WINTRUST.dll ],
                   Base Address: [0x76C30000 ], Size: [0x0002E000 ]
            Module Name: [ C:\WINDOWS\system32\IMAGEHLP.dll ],
                   Base Address: [0x76C90000 ], Size: [0x00028000 ]
            Module Name: [ C:\WINDOWS\system32\rtutils.dll ],
                   Base Address: [0x76E80000 ], Size: [0x0000E000 ]
            Module Name: [ C:\WINDOWS\system32\rasman.dll ],
                   Base Address: [0x76E90000 ], Size: [0x00012000 ]
            Module Name: [ C:\WINDOWS\system32\TAPI32.dll ],
                   Base Address: [0x76EB0000 ], Size: [0x0002F000 ]
            Module Name: [ C:\WINDOWS\system32\RASAPI32.DLL ],
                   Base Address: [0x76EE0000 ], Size: [0x0003C000 ]
            Module Name: [ C:\WINDOWS\system32\DNSAPI.dll ],
                   Base Address: [0x76F20000 ], Size: [0x00027000 ]
            Module Name: [ C:\WINDOWS\system32\WLDAP32.dll ],
                   Base Address: [0x76F60000 ], Size: [0x0002C000 ]
            Module Name: [ C:\WINDOWS\system32\rasadhlp.dll ],
                   Base Address: [0x76FC0000 ], Size: [0x00006000 ]
            Module Name: [ C:\WINDOWS\system32\CLBCATQ.DLL ],
                   Base Address: [0x76FD0000 ], Size: [0x0007F000 ]
            Module Name: [ C:\WINDOWS\system32\COMRes.dll ],
                   Base Address: [0x77050000 ], Size: [0x000C5000 ]
            Module Name: [ C:\WINDOWS\system32\WININET.dll ],
                   Base Address: [0x771B0000 ], Size: [0x000AA000 ]
            Module Name: [ C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll ],
                   Base Address: [0x773D0000 ], Size: [0x00103000 ]
            Module Name: [ C:\WINDOWS\system32\CRYPT32.dll ],
                   Base Address: [0x77A80000 ], Size: [0x00095000 ]
            Module Name: [ C:\WINDOWS\system32\MSASN1.dll ],
                   Base Address: [0x77B20000 ], Size: [0x00012000 ]
            Module Name: [ C:\WINDOWS\system32\appHelp.dll ],
                   Base Address: [0x77B40000 ], Size: [0x00022000 ]
            Module Name: [ C:\WINDOWS\system32\VERSION.dll ],
                   Base Address: [0x77C00000 ], Size: [0x00008000 ]
            Module Name: [ C:\WINDOWS\system32\SHLWAPI.dll ],
                   Base Address: [0x77F60000 ], Size: [0x00076000 ]
            Module Name: [ C:\WINDOWS\system32\SHELL32.dll ],
                   Base Address: [0x7C9C0000 ], Size: [0x00817000 ]
            Module Name: [ C:\WINDOWS\system32\mshtml.dll ],
                   Base Address: [0x7DC30000 ], Size: [0x002F2000 ]
            Module Name: [ C:\WINDOWS\system32\urlmon.dll ],
                   Base Address: [0x7E1E0000 ], Size: [0x000A2000 ]
            Module Name: [ C:\WINDOWS\system32\shdocvw.dll ],
                   Base Address: [0x7E290000 ], Size: [0x00171000 ]
            Module Name: [ C:\WINDOWS\system32\SXS.DLL ],
                   Base Address: [0x7E720000 ], Size: [0x000B0000 ]
    
    
        Popups
    
            Window Name:     WarKey++  Ver:6.8.130327
            Displayed Times: 1
            Window Text:     
    Main
    Macro Keys
    Quick Msg
    Read Me
    &Hide
    E&xit
    Fully replace numeric keys
    alphabet keys
    Num4
    [Alt]+[Q/W/A/S/Z/X]
    right [Win]
    Shield left [Win] when gaming
    Minimize
    Ally HP bars
    Enemy HP bars
    Activate WarKey++   -  Active Hotkey: [Home]
    AI block mouse(make mouse stay in the window)
    Num7
    Num8
    Num5
    Num1
    Num2
    Change Keys [Num7/Num8/Num4/Num1/Num2] =
    [Alt]+[Q/W/E/A/S/D]
    
    			
    
        WarKey.exe - Registry Activities
    
        Registry Keys Created:
    
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Internet Explorer\International\CpMRU ]
    
    
        Registry Values Modified:
    
            Key: [ HKLM\SYSTEM\CURRENTCONTROLSET\HARDWARE PROFILES\CURRENT\Software\Microsoft\windows\CurrentVersion\Internet Settings ], 
                 Value Name: [ ProxyEnable ], New Value: [ 0 ]
            Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders ], 
                 Value Name: [ Common AppData ], New Value: [ C:\Documents and Settings\All Users\Application Data ]
            Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths ], 
                 Value Name: [ Directory ], New Value: [ C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 ]
            Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths ], 
                 Value Name: [ Paths ], New Value: [ 4 ]
            Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\Path1 ], 
                 Value Name: [ CacheLimit ], New Value: [ 40852 ]
            Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\Path1 ], 
                 Value Name: [ CachePath ], New Value: [ C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\Cache1 ]
            Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\Path2 ], 
                 Value Name: [ CacheLimit ], New Value: [ 40852 ]
            Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\Path2 ], 
                 Value Name: [ CachePath ], New Value: [ C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\Cache2 ]
            Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\Path3 ], 
                 Value Name: [ CacheLimit ], New Value: [ 40852 ]
            Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\Path3 ], 
                 Value Name: [ CachePath ], New Value: [ C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\Cache3 ]
            Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\Path4 ], 
                 Value Name: [ CacheLimit ], New Value: [ 40852 ]
            Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\Path4 ], 
                 Value Name: [ CachePath ], New Value: [ C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\Cache4 ]
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Internet Explorer\International ], 
                 Value Name: [ W2KLpk ], New Value: [ 1 ]
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Internet Explorer\International\CpMRU ], 
                 Value Name: [ Enable ], New Value: [ 1 ]
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Internet Explorer\International\CpMRU ], 
                 Value Name: [ Factor ], New Value: [ 20 ]
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Internet Explorer\International\CpMRU ], 
                 Value Name: [ InitHits ], New Value: [ 100 ]
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Internet Explorer\International\CpMRU ], 
                 Value Name: [ Size ], New Value: [ 10 ]
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders ], 
                 Value Name: [ AppData ], New Value: [ C:\Documents and Settings\Administrator\Application Data ]
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders ], 
                 Value Name: [ Cache ], New Value: [ C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files ]
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders ], 
                 Value Name: [ Cookies ], New Value: [ C:\Documents and Settings\Administrator\Cookies ]
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders ], 
                 Value Name: [ History ], New Value: [ C:\Documents and Settings\Administrator\Local Settings\History ]
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ ], 
                 Value Name: [ IntranetName ], New Value: [ 1 ]
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ ], 
                 Value Name: [ ProxyBypass ], New Value: [ 1 ]
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ ], 
                 Value Name: [ UNCAsIntranet ], New Value: [ 1 ]
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\windows\CurrentVersion\Internet Settings ], 
                 Value Name: [ MigrateProxy ], New Value: [ 1 ]
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\windows\CurrentVersion\Internet Settings ], 
                 Value Name: [ ProxyEnable ], New Value: [ 0 ]
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections ], 
                 Value Name: [ SavedLegacySettings ], New Value: [ 0x3c0000001600000001000000000000000000000000000000040000000000 ]
    
    
    
    
        Monitored Registry Keys:
    
            Key: [ HKLM\Software\Classes ], 
                 Watch subtree: [ 1 ], Notify Filter: [ Key Change,Value Change ], 3 times
            Key: [ HKLM\Software\Classes\CLSID ], 
                 Watch subtree: [ 1 ], Notify Filter: [ Key Change,Value Change ], 2 times
            Key: [ HKLM\Software\Microsoft\COM3 ], 
                 Watch subtree: [ 1 ], Notify Filter: [ Key Change,Value Change ], 6 times
            Key: [ HKLM\Software\Microsoft\Tracing\RASAPI32 ], 
                 Watch subtree: [ 0 ], Notify Filter: [ Attributes Change,Value Change,Security Descriptor Change ], 2 times
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5 ], 
                 Watch subtree: [ 0 ], Notify Filter: [ Key Change ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9 ], 
                 Watch subtree: [ 0 ], Notify Filter: [ Key Change ], 1 time
            Key: [ HKU ], 
                 Watch subtree: [ 1 ], Notify Filter: [ Key Change,Value Change ], 5 times
    
    
    
        WarKey.exe - File Activities
    
        Files Created:
    
            File Name: [ C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~DF62BC.tmp ]
            File Name: [ C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WDUF49AN\WKAD_EN[1].htm ]
            File Name: [ C:\WKSet.ini ]
    
    
        Files Read:
    
            File Name: [ C:\WINDOWS\Registration\R00000000000b.clb ]
            File Name: [ C:\WINDOWS\system32\shdocvw.dll ]
            File Name: [ C:\WINDOWS\system32\stdole2.tlb ]
            File Name: [ C:\WKSet.ini ]
            File Name: [ PIPE\lsarpc ]
            File Name: [ c:\autoexec.bat ]
    
    
        Files Modified:
    
            File Name: [ C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WDUF49AN\WKAD_EN[1].htm ]
            File Name: [ C:\WKSet.ini ]
            File Name: [ PIPE\lsarpc ]
            File Name: [ \Device\Afd\AsyncConnectHlp ]
            File Name: [ \Device\Afd\Endpoint ]
            File Name: [ \Device\RasAcd ]
    
    
        File System Control Communication:
    
            File: [ C:\Program Files\Common Files\ ], Control Code: [ 0x00090028 ], 1 time
            File: [ PIPE\lsarpc ], Control Code: [ 0x0011C017 ], 19 times
    
    
        Device Control Communication:
    
            File: [ \Device\KsecDD ], Control Code: [ 0x00390008 ], 8 times
            File: [ \Device\Afd\Endpoint ], Control Code: [ AFD_GET_INFO (0x0001207B) ], 2 times
            File: [ \Device\Afd\Endpoint ], Control Code: [ AFD_SET_CONTEXT (0x00012047) ], 9 times
            File: [ \Device\Afd\Endpoint ], Control Code: [ AFD_BIND (0x00012003) ], 2 times
            File: [ \Device\Afd\Endpoint ], Control Code: [ AFD_GET_TDI_HANDLES (0x00012037) ], 4 times
            File: [ \Device\Afd\Endpoint ], Control Code: [ AFD_GET_SOCK_NAME (0x0001202F) ], 3 times
            File: [ \Device\Afd\Endpoint ], Control Code: [ AFD_CONNECT (0x00012007) ], 1 time
            File: [ \Device\Afd\Endpoint ], Control Code: [ AFD_SELECT (0x00012024) ], 6 times
            File: [ \Device\Afd\Endpoint ], Control Code: [ AFD_SET_INFO (0x0001203B) ], 1 time
            File: [ \Device\Afd\AsyncConnectHlp ], Control Code: [ AFD_CONNECT (0x00012007) ], 1 time
            File: [ \Device\Afd\Endpoint ], Control Code: [ AFD_RECV (0x00012017) ], 4 times
            File: [ \Device\Afd\Endpoint ], Control Code: [ AFD_SEND (0x0001201F) ], 3 times
            File: [ unnamed file ], Control Code: [ 0x00120028 ], 2 times
    
    
        Memory Mapped Files:
    
            File Name: [ C:\WINDOWS\System32\wshtcpip.dll ]
            File Name: [ C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll ]
            File Name: [ C:\WINDOWS\WindowsShell.Manifest ]
            File Name: [ C:\WINDOWS\WindowsShell.manifest ]
            File Name: [ C:\WINDOWS\system32\CLBCATQ.DLL ]
            File Name: [ C:\WINDOWS\system32\COMRes.dll ]
            File Name: [ C:\WINDOWS\system32\DNSAPI.dll ]
            File Name: [ C:\WINDOWS\system32\MLANG.dll ]
            File Name: [ C:\WINDOWS\system32\MSCTF.dll ]
            File Name: [ C:\WINDOWS\system32\MSVBVM60.DLL ]
            File Name: [ C:\WINDOWS\system32\PSAPI.DLL ]
            File Name: [ C:\WINDOWS\system32\RASAPI32.DLL ]
            File Name: [ C:\WINDOWS\system32\RichEd20.dll ]
            File Name: [ C:\WINDOWS\system32\SHELL32.dll ]
            File Name: [ C:\WINDOWS\system32\SXS.DLL ]
            File Name: [ C:\WINDOWS\system32\TAPI32.dll ]
            File Name: [ C:\WINDOWS\system32\UxTheme.dll ]
            File Name: [ C:\WINDOWS\system32\WININET.dll ]
            File Name: [ C:\WINDOWS\system32\WINMM.dll ]
            File Name: [ C:\WINDOWS\system32\WS2HELP.dll ]
            File Name: [ C:\WINDOWS\system32\WS2_32.dll ]
            File Name: [ C:\WINDOWS\system32\hnetcfg.dll ]
            File Name: [ C:\WINDOWS\system32\imm32.dll ]
            File Name: [ C:\WINDOWS\system32\mshtml.dll ]
            File Name: [ C:\WINDOWS\system32\msls31.dll ]
            File Name: [ C:\WINDOWS\system32\mswsock.dll ]
            File Name: [ C:\WINDOWS\system32\rasadhlp.dll ]
            File Name: [ C:\WINDOWS\system32\rasman.dll ]
            File Name: [ C:\WINDOWS\system32\rpcss.dll ]
            File Name: [ C:\WINDOWS\system32\rtutils.dll ]
            File Name: [ C:\WINDOWS\system32\sensapi.dll ]
            File Name: [ C:\WINDOWS\system32\shdoclc.dll ]
            File Name: [ C:\WINDOWS\system32\shdocvw.dll ]
            File Name: [ C:\WINDOWS\system32\stdole2.tlb ]
            File Name: [ C:\WINDOWS\system32\urlmon.dll ]
            File Name: [ C:\WINDOWS\system32\wsock32.dll ]
            File Name: [ C:\WINDOWS\system32\xpsp2res.dll ]
            File Name: [ C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~DF62BC.tmp ]
    
    
        WarKey.exe - Network Activities
    
    
        DNS Queries:
    
            Name: [ yulv.net ], Query Type: [ DNS_TYPE_A ],
                Query Result: [ 61.150.91.31 ], Successful: [ YES ], Protocol: [ udp ]
    
    
        HTTP Conversations:
    
            From 1029 to 61.150.91.31:80 - [ yulv.net ]
                 Request: [ GET /WKAD_EN.html ], Response: [ 200 "OK" ]
    
    
    
        WarKey.exe - Other Activities
    
        Mutexes Created:
    
            Mutex: [ CTF.Asm.MutexDefaultS-1-5-21-842925246-1425521274-308236825-500 ]
            Mutex: [ CTF.Compart.MutexDefaultS-1-5-21-842925246-1425521274-308236825-500 ]
            Mutex: [ CTF.LBES.MutexDefaultS-1-5-21-842925246-1425521274-308236825-500 ]
            Mutex: [ CTF.Layouts.MutexDefaultS-1-5-21-842925246-1425521274-308236825-500 ]
            Mutex: [ CTF.TMD.MutexDefaultS-1-5-21-842925246-1425521274-308236825-500 ]
            Mutex: [ CTF.TimListCache.FMPDefaultS-1-5-21-842925246-1425521274-308236825-500MUTEX.DefaultS-1-5-21-842925246-1425521274-308236825-500 ]
            Mutex: [ MSCTF.Shared.MUTEX.IFG ]
            Mutex: [ ZonesCacheCounterMutex ]
            Mutex: [ ZonesCounterMutex ]
            Mutex: [ ZonesLockedCacheCounterMutex ]
    
    
        Keyboard Keys Monitored:
    
            Virtual Key Code: [ VK_RBUTTON (2) ], 1 time
            Virtual Key Code: [ VK_MBUTTON (4) ], 1 time
            Virtual Key Code: [ VK_LBUTTON (1) ], 1 time
            Virtual Key Code: [ VK_CONTROL (17) ], 4 times
            Virtual Key Code: [ VK_MENU (18) ], 4 times
            Virtual Key Code: [ VK_SHIFT (16) ], 4 times
            Virtual Key Code: [ VK_LSHIFT (160) ], 3 times
            Virtual Key Code: [ VK_LCONTROL (162) ], 3 times
            Virtual Key Code: [ VK_LMENU (164) ], 3 times

  8. #22

    Join Date
    Jan 2008
    Location
    www.indogamers.com
    Posts
    1,058
    Points
    -68.50
    Thanks: 124 / 394 / 279

    Default

    lanjutan atas

    Code:
    Registry Values Read:
    
            Key: [ HKLM\SOFTWARE\CLASSES\.HTM ], 
                 Value Name: [ Content Type ], Value: [ text/html ], 2 times
            Key: [ HKLM\SOFTWARE\CLASSES\CLSID\{00021401-0000-0000-C000-000000000046}\INPROCSERVER32 ], 
                 Value Name: [  ], Value: [ shell32.dll ], 1 time
            Key: [ HKLM\SOFTWARE\CLASSES\CLSID\{00021401-0000-0000-C000-000000000046}\INPROCSERVER32 ], 
                 Value Name: [ ThreadingModel ], Value: [ Apartment ], 1 time
            Key: [ HKLM\SOFTWARE\CLASSES\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\INPROCSERVER32 ], 
                 Value Name: [  ], Value: [ oleaut32.dll ], 1 time
            Key: [ HKLM\SOFTWARE\CLASSES\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\INPROCSERVER32 ], 
                 Value Name: [ ThreadingModel ], Value: [ Apartment ], 1 time
            Key: [ HKLM\SOFTWARE\CLASSES\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\INPROCSERVER32 ], 
                 Value Name: [  ], Value: [ %SystemRoot%\system32\mshtml.dll ], 2 times
            Key: [ HKLM\SOFTWARE\CLASSES\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\INPROCSERVER32 ], 
                 Value Name: [ ThreadingModel ], Value: [ Apartment ], 1 time
            Key: [ HKLM\SOFTWARE\CLASSES\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\PROGID ], 
                 Value Name: [  ], Value: [ htmlfile ], 2 times
            Key: [ HKLM\SOFTWARE\CLASSES\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}\INPROCSERVER32 ], 
                 Value Name: [  ], Value: [ C:\WINDOWS\system32\mlang.dll ], 1 time
            Key: [ HKLM\SOFTWARE\CLASSES\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}\INPROCSERVER32 ], 
                 Value Name: [ ThreadingModel ], Value: [ Both ], 1 time
            Key: [ HKLM\SOFTWARE\CLASSES\CLSID\{3050F3BC-98B5-11CF-BB82-00AA00BDCE0B}\INPROCSERVER32 ], 
                 Value Name: [  ], Value: [ %SystemRoot%\system32\mshtml.dll ], 1 time
            Key: [ HKLM\SOFTWARE\CLASSES\CLSID\{3050F3BC-98B5-11CF-BB82-00AA00BDCE0B}\INPROCSERVER32 ], 
                 Value Name: [ ThreadingModel ], Value: [ Apartment ], 1 time
            Key: [ HKLM\SOFTWARE\CLASSES\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\INPROCSERVER32 ], 
                 Value Name: [  ], Value: [ %SystemRoot%\system32\mshtml.dll ], 1 time
            Key: [ HKLM\SOFTWARE\CLASSES\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\INPROCSERVER32 ], 
                 Value Name: [ ThreadingModel ], Value: [ Apartment ], 1 time
            Key: [ HKLM\SOFTWARE\CLASSES\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\INPROCSERVER32 ], 
                 Value Name: [  ], Value: [ C:\WINDOWS\system32\urlmon.dll ], 2 times
            Key: [ HKLM\SOFTWARE\CLASSES\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\INPROCSERVER32 ], 
                 Value Name: [ ThreadingModel ], Value: [ Both ], 1 time
            Key: [ HKLM\SOFTWARE\CLASSES\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\INPROCSERVER32 ], 
                 Value Name: [  ], Value: [ %SystemRoot%\system32\shdocvw.dll ], 4 times
            Key: [ HKLM\SOFTWARE\CLASSES\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\INPROCSERVER32 ], 
                 Value Name: [ ThreadingModel ], Value: [ Apartment ], 1 time
            Key: [ HKLM\SOFTWARE\CLASSES\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\INPROCSERVER32 ], 
                 Value Name: [  ], Value: [ C:\WINDOWS\system32\shdocvw.dll ], 1 time
            Key: [ HKLM\SOFTWARE\CLASSES\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\INPROCSERVER32 ], 
                 Value Name: [ ThreadingModel ], Value: [ Apartment ], 1 time
            Key: [ HKLM\SOFTWARE\CLASSES\CLSID\{8F6B0360-B80D-11D0-A9B3-006097942311}\INPROCSERVER32 ], 
                 Value Name: [  ], Value: [ C:\WINDOWS\system32\urlmon.dll ], 3 times
            Key: [ HKLM\SOFTWARE\CLASSES\CLSID\{8F6B0360-B80D-11D0-A9B3-006097942311}\INPROCSERVER32 ], 
                 Value Name: [ ThreadingModel ], Value: [ Apartment ], 1 time
            Key: [ HKLM\SOFTWARE\CLASSES\INTERFACE\{000214E6-0000-0000-C000-000000000046}\PROXYSTUBCLSID32 ], 
                 Value Name: [  ], Value: [ {bf50b68e-29b8-4386-ae9c-9734d5117cd5} ], 1 time
            Key: [ HKLM\SOFTWARE\CLASSES\INTERFACE\{79EAC9C4-BAF9-11CE-8C82-00AA004BA90B}\PROXYSTUBCLSID32 ], 
                 Value Name: [  ], Value: [ {B8DA6310-E19B-11D0-933C-00A0C90DCAA9} ], 1 time
            Key: [ HKLM\SOFTWARE\CLASSES\INTERFACE\{93F2F68C-1D1B-11D3-A30E-00C04F79ABD1}\PROXYSTUBCLSID32 ], 
                 Value Name: [  ], Value: [ {bf50b68e-29b8-4386-ae9c-9734d5117cd5} ], 1 time
            Key: [ HKLM\SOFTWARE\CLASSES\INTERFACE\{B722BCCB-4E68-101B-A2BC-00AA00404770}\PROXYSTUBCLSID32 ], 
                 Value Name: [  ], Value: [ {B8DA6310-E19B-11D0-933C-00A0C90DCAA9} ], 1 time
            Key: [ HKLM\SOFTWARE\CLASSES\INTERFACE\{EAB22AC1-30C1-11CF-A7EB-0000C05BAE0B}\TYPELIB ], 
                 Value Name: [  ], Value: [ {EAB22AC0-30C1-11CF-A7EB-0000C05BAE0B} ], 1 time
            Key: [ HKLM\SOFTWARE\CLASSES\MIME\DATABASE\CONTENT TYPE\TEXT/HTML ], 
                 Value Name: [ Extension ], Value: [ .htm ], 2 times
            Key: [ HKLM\SOFTWARE\CLASSES\TYPELIB\{00020430-0000-0000-C000-000000000046}\2.0\0\WIN32 ], 
                 Value Name: [  ], Value: [ C:\WINDOWS\system32\stdole2.tlb ], 1 time
            Key: [ HKLM\SOFTWARE\CLASSES\TYPELIB\{EAB22AC0-30C1-11CF-A7EB-0000C05BAE0B}\1.1\0\WIN32 ], 
                 Value Name: [  ], Value: [ C:\WINDOWS\system32\shdocvw.dll ], 1 time
            Key: [ HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\about ], 
                 Value Name: [ CLSID ], Value: [ {3050F406-98B5-11CF-BB82-00AA00BDCE0B} ], 6 times
            Key: [ HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\res ], 
                 Value Name: [ CLSID ], Value: [ {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} ], 20 times
            Key: [ HKLM\SOFTWARE\Microsoft\CTF\SystemShared\ ], 
                 Value Name: [ CUAS ], Value: [ 0 ], 1 time
            Key: [ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings ], 
                 Value Name: [ UrlEncoding ], Value: [ 0x00000000 ], 6 times
            Key: [ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform ], 
                 Value Name: [ .NET CLR 1.1.4322 ], Value: [  ], 1 time
            Key: [ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform ], 
                 Value Name: [ .NET CLR 2.0.50727 ], Value: [  ], 1 time
            Key: [ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform ], 
                 Value Name: [ .NET CLR 3.0.04506.30 ], Value: [  ], 1 time
            Key: [ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform ], 
                 Value Name: [ .NET CLR 3.0.04506.648 ], Value: [  ], 1 time
            Key: [ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform ], 
                 Value Name: [ .NET CLR 3.5.21022 ], Value: [  ], 1 time
            Key: [ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform ], 
                 Value Name: [ .NET4.0C ], Value: [  ], 1 time
            Key: [ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform ], 
                 Value Name: [ .NET4.0E ], Value: [  ], 1 time
            Key: [ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform ], 
                 Value Name: [ SV1 ], Value: [  ], 1 time
            Key: [ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\UA Tokens ], 
                 Value Name: [  ], Value: [  ], 1 time
            Key: [ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\UA Tokens ], 
                 Value Name: [ MSN 2.0 ], Value: [  ], 1 time
            Key: [ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\UA Tokens ], 
                 Value Name: [ MSN 2.5 ], Value: [  ], 1 time
            Key: [ HKLM\SYSTEM\CurrentControlSet\Control\Session Manager ], 
                 Value Name: [ CriticalSectionTimeout ], Value: [ 2592000 ], 1 time
            Key: [ HKLM\SYSTEM\CurrentControlSet\Services\Winsock\Parameters ], 
                 Value Name: [ Transports ], Value: [ 0x5400630070006900700000004e0065007400420049004f00530000000000 ], 2 times
            Key: [ HKLM\SYSTEM\Setup ], 
                 Value Name: [ SystemSetupInProgress ], Value: [ 0 ], 1 time
            Key: [ HKLM\Software\Classes\CLSID\{00021401-0000-0000-c000-000000000046}\InProcServer32 ], 
                 Value Name: [  ], Value: [ shell32.dll ], 1 time
            Key: [ HKLM\Software\Classes\CLSID\{871c5380-42a0-1069-a2ea-08002b30309d}\InProcServer32 ], 
                 Value Name: [  ], Value: [ %SystemRoot%\system32\shdocvw.dll ], 3 times
            Key: [ HKLM\Software\Microsoft\COM3 ], 
                 Value Name: [ Com+Enabled ], Value: [ 1 ], 2 times
            Key: [ HKLM\Software\Microsoft\COM3 ], 
                 Value Name: [ REGDBVersion ], Value: [ 0x0b00000000000000 ], 28 times
            Key: [ HKLM\Software\Microsoft\Internet Explorer ], 
                 Value Name: [ IntegratedBrowser ], Value: [ 1 ], 1 time
            Key: [ HKLM\Software\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} ], 
                 Value Name: [ MenuText ], Value: [ Sun Java Console ], 1 time
            Key: [ HKLM\Software\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} ], 
                 Value Name: [ clsid ], Value: [ {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} ], 1 time
            Key: [ HKLM\Software\Microsoft\Internet Explorer\Extensions\{E2E2DD38-D088-4134-82B7-F2BA38496583} ], 
                 Value Name: [ Exec ], Value: [ %windir%\Network Diagnostic\xpnetdiag.exe ], 1 time
            Key: [ HKLM\Software\Microsoft\Internet Explorer\Extensions\{E2E2DD38-D088-4134-82B7-F2BA38496583} ], 
                 Value Name: [ MenuText ], Value: [ @xpsp3res.dll,-20001 ], 1 time
            Key: [ HKLM\Software\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11D2-BB9E-00C04F795683} ], 
                 Value Name: [ ButtonText ], Value: [ Messenger ], 1 time
            Key: [ HKLM\Software\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11D2-BB9E-00C04F795683} ], 
                 Value Name: [ Default Visible ], Value: [ Yes ], 1 time
            Key: [ HKLM\Software\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11D2-BB9E-00C04F795683} ], 
                 Value Name: [ Exec ], Value: [ C:\Program Files\Messenger\msmsgs.exe ], 1 time
            Key: [ HKLM\Software\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11D2-BB9E-00C04F795683} ], 
                 Value Name: [ MenuText ], Value: [ Windows Messenger ], 1 time
            Key: [ HKLM\Software\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683} ], 
                 Value Name: [ clsid ], Value: [ {1FBA04EE-3024-11D2-8F1F-0000F87ABD16} ], 1 time
            Key: [ HKLM\Software\Microsoft\Internet Explorer\Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} ], 
                 Value Name: [ clsid ], Value: [ {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} ], 1 time
            Key: [ HKLM\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS ], 
                 Value Name: [ * ], Value: [ 1 ], 1 time
            Key: [ HKLM\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL ], 
                 Value Name: [ * ], Value: [ 1 ], 1 time
            Key: [ HKLM\Software\Microsoft\Internet Explorer\URL Compatibility\~/CONNWIZ.HTM ], 
                 Value Name: [ Compatibility Flags ], Value: [ 4 ], 1 time
            Key: [ HKLM\Software\Microsoft\Internet Explorer\URL Compatibility\~/CWIZINTR.HTM ], 
                 Value Name: [ Compatibility Flags ], Value: [ 4 ], 1 time
            Key: [ HKLM\Software\Microsoft\Internet Explorer\Version Vector ], 
                 Value Name: [ IE ], Value: [ 6.0000 ], 1 time
            Key: [ HKLM\Software\Microsoft\Internet Explorer\Version Vector ], 
                 Value Name: [ VML ], Value: [ 1.0 ], 1 time
            Key: [ HKLM\Software\Microsoft\Tracing ], 
                 Value Name: [ EnableConsoleTracing ], Value: [ 0 ], 1 time
            Key: [ HKLM\Software\Microsoft\Tracing\RASAPI32 ], 
                 Value Name: [ ConsoleTracingMask ], Value: [ 4294901760 ], 2 times
            Key: [ HKLM\Software\Microsoft\Tracing\RASAPI32 ], 
                 Value Name: [ EnableConsoleTracing ], Value: [ 0 ], 2 times
            Key: [ HKLM\Software\Microsoft\Tracing\RASAPI32 ], 
                 Value Name: [ EnableFileTracing ], Value: [ 0 ], 2 times
            Key: [ HKLM\Software\Microsoft\Tracing\RASAPI32 ], 
                 Value Name: [ FileDirectory ], Value: [ %windir%\tracing ], 4 times
            Key: [ HKLM\Software\Microsoft\Tracing\RASAPI32 ], 
                 Value Name: [ FileTracingMask ], Value: [ 4294901760 ], 2 times
            Key: [ HKLM\Software\Microsoft\Tracing\RASAPI32 ], 
                 Value Name: [ MaxFileSize ], Value: [ 1048576 ], 2 times
            Key: [ HKLM\Software\Microsoft\Windows NT\CurrentVersion\ProfileList ], 
                 Value Name: [ AllUsersProfile ], Value: [ All Users ], 2 times
            Key: [ HKLM\Software\Microsoft\Windows NT\CurrentVersion\ProfileList ], 
                 Value Name: [ DefaultUserProfile ], Value: [ Default User ], 2 times
            Key: [ HKLM\Software\Microsoft\Windows NT\CurrentVersion\ProfileList ], 
                 Value Name: [ ProfilesDirectory ], Value: [ %SystemDrive%\Documents and Settings ], 4 times
            Key: [ HKLM\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-842925246-1425521274-308236825-500 ], 
                 Value Name: [ ProfileImagePath ], Value: [ %SystemDrive%\Documents and Settings\Administrator ], 2 times
            Key: [ HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows ], 
                 Value Name: [ AppInit_DLLs ], Value: [  ], 1 time
            Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion ], 
                 Value Name: [ CommonFilesDir ], Value: [ C:\Program Files\Common Files ], 2 times
            Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion ], 
                 Value Name: [ ProgramFilesDir ], Value: [ C:\Program Files ], 2 times
            Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\ICWCONN1.EXE ], 
                 Value Name: [ Path ], Value: [ C:\Program Files\Internet Explorer\Connection Wizard; ], 1 time
            Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders ], 
                 Value Name: [ Common AppData ], Value: [ %ALLUSERSPROFILE%\Application Data ], 1 time
            Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Accepted Documents ], 
                 Value Name: [ 0 ], Value: [ image/gif ], 3 times
            Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Accepted Documents ], 
                 Value Name: [ 1 ], Value: [ image/x-xbitmap ], 3 times
            Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Accepted Documents ], 
                 Value Name: [ 2 ], Value: [ image/jpeg ], 3 times
            Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Accepted Documents ], 
                 Value Name: [ 3 ], Value: [ image/pjpeg ], 3 times
            Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Accepted Documents ], 
                 Value Name: [ application ], Value: [ application/x-ms-application ], 3 times
            Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Accepted Documents ], 
                 Value Name: [ flash ], Value: [ application/x-shockwave-flash ], 3 times
            Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Accepted Documents ], 
                 Value Name: [ xaml ], Value: [ application/xaml+xml ], 3 times
            Key: [ HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Accepted Documents ], 
                 Value Name: [ xbap ], Value: [ application/x-ms-xbap ], 3 times
            Key: [ HKLM\Software\Microsoft\windows\CurrentVersion\Internet Settings ], 
                 Value Name: [ UrlEncoding ], Value: [ 0x00000000 ], 2 times
            Key: [ HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers ], 
                 Value Name: [ TransparentEnabled ], Value: [ 1 ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName ], 
                 Value Name: [ ComputerName ], Value: [ PC ], 3 times
            Key: [ HKLM\System\CurrentControlSet\Control\MediaProperties\PrivateProperties\Joystick\Winmm ], 
                 Value Name: [ wheel ], Value: [ 1 ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Control\NLS\Language Groups ], 
                 Value Name: [ a ], Value: [  ], 2 times
            Key: [ HKLM\System\CurrentControlSet\Control\Nls\CodePage ], 
                 Value Name: [ 950 ], Value: [ c_950.nls ], 2 times
            Key: [ HKLM\System\CurrentControlSet\Control\Nls\Codepage ], 
                 Value Name: [ 932 ], Value: [ c_932.nls ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Control\Nls\Codepage ], 
                 Value Name: [ 936 ], Value: [ c_936.nls ], 4 times
            Key: [ HKLM\System\CurrentControlSet\Control\Nls\Codepage ], 
                 Value Name: [ 949 ], Value: [ c_949.nls ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Control\Nls\Codepage ], 
                 Value Name: [ 950 ], Value: [ c_950.nls ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Control\ProductOptions ], 
                 Value Name: [ ProductType ], Value: [ WinNT ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Control\Session Manager\Environment ], 
                 Value Name: [ ComSpec ], Value: [ %SystemRoot%\system32\cmd.exe ], 4 times
            Key: [ HKLM\System\CurrentControlSet\Control\Session Manager\Environment ], 
                 Value Name: [ FP_NO_HOST_CHECK ], Value: [ NO ], 4 times
            Key: [ HKLM\System\CurrentControlSet\Control\Session Manager\Environment ], 
                 Value Name: [ NUMBER_OF_PROCESSORS ], Value: [ 1 ], 4 times
            Key: [ HKLM\System\CurrentControlSet\Control\Session Manager\Environment ], 
                 Value Name: [ OS ], Value: [ Windows_NT ], 4 times
            Key: [ HKLM\System\CurrentControlSet\Control\Session Manager\Environment ], 
                 Value Name: [ PATHEXT ], Value: [ .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH ], 4 times
            Key: [ HKLM\System\CurrentControlSet\Control\Session Manager\Environment ], 
                 Value Name: [ PROCESSOR_ARCHITECTURE ], Value: [ x86 ], 4 times
            Key: [ HKLM\System\CurrentControlSet\Control\Session Manager\Environment ], 
                 Value Name: [ PROCESSOR_IDENTIFIER ], Value: [ x86 Family 6 Model 3 Stepping 3, GenuineIntel ], 4 times
            Key: [ HKLM\System\CurrentControlSet\Control\Session Manager\Environment ], 
                 Value Name: [ PROCESSOR_LEVEL ], Value: [ 6 ], 4 times
            Key: [ HKLM\System\CurrentControlSet\Control\Session Manager\Environment ], 
                 Value Name: [ PROCESSOR_REVISION ], Value: [ 0303 ], 4 times
            Key: [ HKLM\System\CurrentControlSet\Control\Session Manager\Environment ], 
                 Value Name: [ Path ], Value: [ %SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem ], 4 times
            Key: [ HKLM\System\CurrentControlSet\Control\Session Manager\Environment ], 
                 Value Name: [ TEMP ], Value: [ %SystemRoot%\TEMP ], 4 times
            Key: [ HKLM\System\CurrentControlSet\Control\Session Manager\Environment ], 
                 Value Name: [ TMP ], Value: [ %SystemRoot%\TEMP ], 4 times
            Key: [ HKLM\System\CurrentControlSet\Control\Session Manager\Environment ], 
                 Value Name: [ windir ], Value: [ %SystemRoot% ], 4 times
            Key: [ HKLM\System\CurrentControlSet\Control\Terminal Server ], 
                 Value Name: [ TSAppCompat ], Value: [ 0 ], 3 times
            Key: [ HKLM\System\CurrentControlSet\Control\Terminal Server ], 
                 Value Name: [ TSUserEnabled ], Value: [ 0 ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\LDAP ], 
                 Value Name: [ LdapClientIntegrity ], Value: [ 1 ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\Tcpip\Parameters ], 
                 Value Name: [ Domain ], Value: [  ], 2 times
            Key: [ HKLM\System\CurrentControlSet\Services\Tcpip\Parameters ], 
                 Value Name: [ Hostname ], Value: [ pc ], 2 times
            Key: [ HKLM\System\CurrentControlSet\Services\Tcpip\Parameters ], 
                 Value Name: [ UseDomainNameDevolution ], Value: [ 0 ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Winsock ], 
                 Value Name: [ HelperDllName ], Value: [ %SystemRoot%\System32\wshtcpip.dll ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Winsock ], 
                 Value Name: [ Mapping ], Value: [ 0x0b0000000300000002000000010000000600000002000000010000000000 ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Winsock ], 
                 Value Name: [ MaxSockaddrLength ], Value: [ 16 ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Winsock ], 
                 Value Name: [ MinSockaddrLength ], Value: [ 16 ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Winsock ], 
                 Value Name: [ UseDelayedAcceptance ], Value: [ 0 ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters ], 
                 Value Name: [ WinSock_Registry_Version ], Value: [ 2.0 ], 4 times
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5 ], 
                 Value Name: [ Num_Catalog_Entries ], Value: [ 3 ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5 ], 
                 Value Name: [ Serial_Access_Num ], Value: [ 4 ], 2 times
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001 ], 
                 Value Name: [ DisplayString ], Value: [ Tcpip ], 4 times
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001 ], 
                 Value Name: [ Enabled ], Value: [ 1 ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001 ], 
                 Value Name: [ LibraryPath ], Value: [ %SystemRoot%\System32\mswsock.dll ], 2 times
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001 ], 
                 Value Name: [ ProviderId ], Value: [ 0x409d05229e7ecf11ae5a00aa00a7112b ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001 ], 
                 Value Name: [ StoresServiceClassInfo ], Value: [ 0 ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001 ], 
                 Value Name: [ SupportedNameSpace ], Value: [ 12 ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001 ], 
                 Value Name: [ Version ], Value: [ 0 ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002 ], 
                 Value Name: [ DisplayString ], Value: [ NTDS ], 4 times
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002 ], 
                 Value Name: [ Enabled ], Value: [ 1 ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002 ], 
                 Value Name: [ LibraryPath ], Value: [ %SystemRoot%\System32\winrnr.dll ], 2 times
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002 ], 
                 Value Name: [ ProviderId ], Value: [ 0xee37263b80e5cf11a55500c04fd8d4ac ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002 ], 
                 Value Name: [ StoresServiceClassInfo ], Value: [ 0 ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002 ], 
                 Value Name: [ SupportedNameSpace ], Value: [ 32 ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002 ], 
                 Value Name: [ Version ], Value: [ 0 ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003 ], 
                 Value Name: [ DisplayString ], Value: [ Network Location Awareness (NLA) Namespace ], 4 times
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003 ], 
                 Value Name: [ Enabled ], Value: [ 1 ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003 ], 
                 Value Name: [ LibraryPath ], Value: [ %SystemRoot%\System32\mswsock.dll ], 2 times
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003 ], 
                 Value Name: [ ProviderId ], Value: [ 0x3a244266a83ba64abaa52e0bd71fdd83 ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003 ], 
                 Value Name: [ StoresServiceClassInfo ], Value: [ 0 ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003 ], 
                 Value Name: [ SupportedNameSpace ], Value: [ 15 ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003 ], 
                 Value Name: [ Version ], Value: [ 0 ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9 ], 
                 Value Name: [ Next_Catalog_Entry_ID ], Value: [ 1020 ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9 ], 
                 Value Name: [ Num_Catalog_Entries ], Value: [ 13 ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9 ], 
                 Value Name: [ Serial_Access_Num ], Value: [ 6 ], 2 times
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001 ], 
                 Value Name: [ PackedCatalogItem ], Value: [ %SystemRoot%\system32\mswsock. ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002 ], 
                 Value Name: [ PackedCatalogItem ], Value: [ %SystemRoot%\system32\mswsock. ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003 ], 
                 Value Name: [ PackedCatalogItem ], Value: [ %SystemRoot%\system32\mswsock. ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004 ], 
                 Value Name: [ PackedCatalogItem ], Value: [ %SystemRoot%\system32\rsvpsp.d ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005 ], 
                 Value Name: [ PackedCatalogItem ], Value: [ %SystemRoot%\system32\rsvpsp.d ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006 ], 
                 Value Name: [ PackedCatalogItem ], Value: [ %SystemRoot%\system32\mswsock. ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007 ], 
                 Value Name: [ PackedCatalogItem ], Value: [ %SystemRoot%\system32\mswsock. ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008 ], 
                 Value Name: [ PackedCatalogItem ], Value: [ %SystemRoot%\system32\mswsock. ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009 ], 
                 Value Name: [ PackedCatalogItem ], Value: [ %SystemRoot%\system32\mswsock. ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010 ], 
                 Value Name: [ PackedCatalogItem ], Value: [ %SystemRoot%\system32\mswsock. ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011 ], 
                 Value Name: [ PackedCatalogItem ], Value: [ %SystemRoot%\system32\mswsock. ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012 ], 
                 Value Name: [ PackedCatalogItem ], Value: [ %SystemRoot%\system32\mswsock. ], 1 time
            Key: [ HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013 ], 
                 Value Name: [ PackedCatalogItem ], Value: [ %SystemRoot%\system32\mswsock. ], 1 time
            Key: [ HKLM\System\Setup ], 
                 Value Name: [ SystemSetupInProgress ], Value: [ 0 ], 3 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Control Panel\International ], 
                 Value Name: [ NumShape ], Value: [ 1 ], 4 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Environment ], 
                 Value Name: [ TEMP ], Value: [ %USERPROFILE%\Local Settings\Temp ], 4 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Environment ], 
                 Value Name: [ TMP ], Value: [ %USERPROFILE%\Local Settings\Temp ], 4 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Keyboard Layout\Toggle ], 
                 Value Name: [ Language Hotkey ], Value: [ 1 ], 4 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Keyboard Layout\Toggle ], 
                 Value Name: [ Layout Hotkey ], Value: [ 2 ], 4 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\SOFTWARE\Microsoft\Internet Explorer\Security\P3Global ], 
                 Value Name: [ Enabled ], Value: [ 1 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings ], 
                 Value Name: [ EnableHttp1_1 ], Value: [ 1 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings ], 
                 Value Name: [ EnableNegotiate ], Value: [ 1 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings ], 
                 Value Name: [ MimeExclusionListForCache ], Value: [ multipart/mixed multipart/x-mixed-replace multipart/x-byteranges  ], 4 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings ], 
                 Value Name: [ User Agent ], Value: [ Mozilla/4.0 (compatible; MSIE 6.0; Win32) ], 2 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings ], 
                 Value Name: [ WarnOnPost ], Value: [ 0x01000000 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Internet Explorer\Extensions\CmdMapping ], 
                 Value Name: [ {08B0E5C0-4FCB-11CF-AAA5-00401C608501} ], Value: [ 8194 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Internet Explorer\Extensions\CmdMapping ], 
                 Value Name: [ {FB5F1910-F110-11d2-BB9E-00C04F795683} ], Value: [ 8193 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Internet Explorer\Extensions\CmdMapping ], 
                 Value Name: [ {e2e2dd38-d088-4134-82b7-f2ba38496583} ], Value: [ 8192 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Internet Explorer\International\Scripts\3 ], 
                 Value Name: [ IEFixedFontName ], Value: [ Courier New ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Internet Explorer\International\Scripts\3 ], 
                 Value Name: [ IEPropFontName ], Value: [ Times New Roman ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Internet Explorer\Main ], 
                 Value Name: [ Anchor Underline ], Value: [ yes ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Internet Explorer\Main ], 
                 Value Name: [ Disable Script Debugger ], Value: [ yes ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Internet Explorer\Main ], 
                 Value Name: [ Display Inline Images ], Value: [ yes ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Internet Explorer\Main ], 
                 Value Name: [ Use_DlgBox_Colors ], Value: [ yes ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Internet Explorer\Settings ], 
                 Value Name: [ Anchor Color ], Value: [ 0,0,255 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Internet Explorer\Settings ], 
                 Value Name: [ Anchor Color Visited ], Value: [ 128,0,128 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Internet Explorer\Settings ], 
                 Value Name: [ Use Anchor Hover Color ], Value: [ No ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows NT\CurrentVersion\Winlogon ], 
                 Value Name: [ ParseAutoexec ], Value: [ 1 ], 2 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders ], 
                 Value Name: [ AppData ], Value: [ %USERPROFILE%\Application Data ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders ], 
                 Value Name: [ Cache ], Value: [ %USERPROFILE%\Local Settings\Temporary Internet Files ], 3 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders ], 
                 Value Name: [ Cookies ], Value: [ %USERPROFILE%\Cookies ], 3 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders ], 
                 Value Name: [ History ], Value: [ %USERPROFILE%\Local Settings\History ], 3 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders ], 
                 Value Name: [ Local Settings ], Value: [ %USERPROFILE%\Local Settings ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders ], 
                 Value Name: [ Personal ], Value: [ %USERPROFILE%\My Documents ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings ], 
                 Value Name: [ ProxyEnable ], Value: [ 0 ], 7 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache ], 
                 Value Name: [ Signature ], Value: [ Client UrlCache MMF Ver 5.2 ], 2 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content ], 
                 Value Name: [ CacheLimit ], Value: [ 163410 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content ], 
                 Value Name: [ CachePrefix ], Value: [  ], 2 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content ], 
                 Value Name: [ PerUserItem ], Value: [ 1 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies ], 
                 Value Name: [ CacheLimit ], Value: [ 8192 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies ], 
                 Value Name: [ CachePrefix ], Value: [ Cookie: ], 2 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies ], 
                 Value Name: [ PerUserItem ], Value: [ 1 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012011021720110218 ], 
                 Value Name: [ CacheLimit ], Value: [ 8192 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012011021720110218 ], 
                 Value Name: [ CacheOptions ], Value: [ 11 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012011021720110218 ], 
                 Value Name: [ CachePath ], Value: [ %USERPROFILE%\Local Settings\History\History.IE5\MSHist012011021720110218\ ], 2 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012011021720110218 ], 
                 Value Name: [ CachePrefix ], Value: [ :2011021720110218:  ], 2 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012011021720110218 ], 
                 Value Name: [ CacheRepair ], Value: [ 0 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012011021820110219 ], 
                 Value Name: [ CacheLimit ], Value: [ 8192 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012011021820110219 ], 
                 Value Name: [ CacheOptions ], Value: [ 11 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012011021820110219 ], 
                 Value Name: [ CachePath ], Value: [ %USERPROFILE%\Local Settings\History\History.IE5\MSHist012011021820110219\ ], 2 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012011021820110219 ], 
                 Value Name: [ CachePrefix ], Value: [ :2011021820110219:  ], 2 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012011021820110219 ], 
                 Value Name: [ CacheRepair ], Value: [ 0 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History ], 
                 Value Name: [ CacheLimit ], Value: [ 8192 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History ], 
                 Value Name: [ CachePrefix ], Value: [ Visited: ], 2 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History ], 
                 Value Name: [ PerUserItem ], Value: [ 1 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ ], 
                 Value Name: [ IntranetName ], Value: [ 1 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ ], 
                 Value Name: [ ProxyBypass ], Value: [ 1 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\\ProtocolDefaults\ ], 
                 Value Name: [ http ], Value: [ 3 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 ], 
                 Value Name: [ 1809 ], Value: [ 3 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 ], 
                 Value Name: [ Flags ], Value: [ 33 ], 2 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 ], 
                 Value Name: [ Flags ], Value: [ 219 ], 2 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 ], 
                 Value Name: [ Flags ], Value: [ 71 ], 2 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 ], 
                 Value Name: [ 1809 ], Value: [ 0 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 ], 
                 Value Name: [ 1A10 ], Value: [ 1 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 ], 
                 Value Name: [ Flags ], Value: [ 1 ], 2 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 ], 
                 Value Name: [ Flags ], Value: [ 3 ], 2 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached ], 
                 Value Name: [ {871C5380-42A0-1069-A2EA-08002B30309D} {000214E6-0000-0000-C000-000000000046} 0x401 ], Value: [ 0x010000007c6c9c7cc0da56ab0ac5c801 ], 3 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\ShellNoRoam\MUICache ], 
                 Value Name: [ LangID ], Value: [ 0x0904 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\Windows\ShellNoRoam\MUICache\ ], 
                 Value Name: [ @xpsp3res.dll,-20001 ], Value: [ Diagnose Connection Problems... ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\windows\CurrentVersion\Internet Settings ], 
                 Value Name: [ MigrateProxy ], Value: [ 1 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\windows\CurrentVersion\Internet Settings ], 
                 Value Name: [ ProxyEnable ], Value: [ 0 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections ], 
                 Value Name: [ DefaultConnectionSettings ], Value: [ 0x3c0000000300000001000000000000000000000000000000040000000000 ], 2 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections ], 
                 Value Name: [ SavedLegacySettings ], Value: [ 0x3c0000001500000001000000000000000000000000000000040000000000 ], 4 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Software\Microsoft\windows\CurrentVersion\Internet Settings\Url History ], 
                 Value Name: [ DaysToKeep ], Value: [ 20 ], 1 time
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Volatile Environment ], 
                 Value Name: [ APPDATA ], Value: [ C:\Documents and Settings\Administrator\Application Data ], 4 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Volatile Environment ], 
                 Value Name: [ CLIENTNAME ], Value: [ Console ], 4 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Volatile Environment ], 
                 Value Name: [ HOMEDRIVE ], Value: [ C: ], 4 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Volatile Environment ], 
                 Value Name: [ HOMEPATH ], Value: [ \Documents and Settings\Administrator ], 4 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Volatile Environment ], 
                 Value Name: [ HOMESHARE ], Value: [  ], 4 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Volatile Environment ], 
                 Value Name: [ LOGONSERVER ], Value: [ \\PC ], 4 times
            Key: [ HKU\S-1-5-21-842925246-1425521274-308236825-500\Volatile Environment ], 
                 Value Name: [ SESSIONNAME ], Value: [ Console ], 4 times

  9. #23

    Join Date
    Jan 2008
    Location
    www.indogamers.com
    Posts
    1,058
    Points
    -68.50
    Thanks: 124 / 394 / 279

    Default

    nih beberapa kasih karya mereka yang lain
    mereka sering "menyusupkan ***" kedalam karya buatan mereka.









    sebenernya masih banyak sih yang mau gua tulis, cuman gua lagi males.
    wkwkwk

    intinya cuma :
    tidak ada yang melarang juga tidak ada yang menganjurkan
    semua keputusan ada ditangan masing2 orang
    kalo loe percaya dan merasa fine2 aja---> monggo silahkan loe pake


    tapi kalo gua sih...ogah
    wkwkwk










    MOMOD / MIMIN MAAF,
    GUA GAK BISA EDIT POST
    DITEMPAT GUA FORUM LEMOT
    Last edited by maphack_user; 02-03-14 at 12:58.

  10. #24
    Chasonoren's Avatar
    Join Date
    Nov 2012
    Location
    dimana mana hatiku senang!
    Posts
    7,923
    Points
    77.00
    Thanks: 229 / 246 / 221

    Default

    coba bantu cek in donk warkey gw m_u
    http://speedy.sh/Wr6c6/WarKey.exe
    tolonggggssss

  11. #25

    Join Date
    Jan 2008
    Location
    www.indogamers.com
    Posts
    1,058
    Points
    -68.50
    Thanks: 124 / 394 / 279

    Default

    Quote Originally Posted by JKT-OREN View Post
    coba bantu cek in donk warkey gw m_u
    http://speedy.sh/Wr6c6/WarKey.exe
    tolonggggssss
    gua males bongkar/bedah
    karena hasilnya gak akan beda jauh, malah lebih parah punya loe keknya
    wkwkwk


    punya yukay---> https://www.virustotal.com/en/file/5...is/1393727379/

    punya loe---> https://www.virustotal.com/en/file/a...is/1393740791/


    intinya gak beda jauh / masih 1 keluarga
    wkwkwk
    tapi kalo loe2 orang yang udah pake merasa fine2 aja.....
    .....monggo silahkan loe pake
    gak ada yang larang kok

    gua mah cuma sekedar memberi informasi doang
    mau didenger atau tidak, bukan urusan gua
    wkwkwk
    Last edited by maphack_user; 02-03-14 at 13:19.

  12. The Following User Says Thank You to maphack_user For This Useful Post:
  13. #26
    YUKAY_HN_VAMPS's Avatar
    Join Date
    Jun 2011
    Location
    彼女の心
    Posts
    6,496
    Points
    4,369.54
    Thanks: 54 / 56 / 43

    Default

    permasalahannya udah ketemu nih
    tuh warkey emg kadang suka buka mozzila sndri
    pantesan aja

    M_U sndri pake warkey yg mana kl maen ??
    nyontek dong :ag-haha:
    solusi blm ktmu nih masalahnya...
    Ψ My Life, My Rules Ψ

  14. #27

    Join Date
    Jan 2008
    Location
    www.indogamers.com
    Posts
    1,058
    Points
    -68.50
    Thanks: 124 / 394 / 279

    Default

    spammer, melakukan koneksi internet TANPA IJIN, lagi beraksi ngetroll.
    wkwkwk









    Quote Originally Posted by YUKAY_HN_VAMPS View Post
    M_U sndri pake warkey yg mana kl maen ??
    nyontek dong :ag-haha:
    solusi blm ktmu nih masalahnya...
    GUA PRO njenk!!
    http://eu.battle.net/sc2/en/profile/.../achievements/
    wkwkwk

    pemain pro main game....gak pake alat bantu!!
    wkwkwk

  15. #28
    YUKAY_HN_VAMPS's Avatar
    Join Date
    Jun 2011
    Location
    彼女の心
    Posts
    6,496
    Points
    4,369.54
    Thanks: 54 / 56 / 43

    Default

    TAE COK !!

    :ag-haha:

    itu ceramah apa pamer tod ??

    itu warkey bs di stop ga biar g ngetroll ??
    penyebab dy stuck itu dmn dan bs di ilangin g stucknya ??
    PENCERAHAN dong M_U
    Ψ My Life, My Rules Ψ

  16. #29

    Join Date
    Jan 2008
    Location
    www.indogamers.com
    Posts
    1,058
    Points
    -68.50
    Thanks: 124 / 394 / 279

    Default

    Quote Originally Posted by YUKAY_HN_VAMPS View Post
    TAE COK !!

    :ag-haha:

    itu ceramah apa pamer tod ??

    itu warkey bs di stop ga biar g ngetroll ??
    penyebab dy stuck itu dmn dan bs di ilangin g stucknya ??
    PENCERAHAN dong M_U
    block pake firewall, jangan kasih ijin dia untuk mengakses internet.
    eh tapi? loe run warkey as administrator?
    kalo jawabannya "YA", maka dia berkuasa penuh terhadap komputer loe
    administrator---> rezon penguasa

    warkey.exe loe run as administrator
    berarti warkey.exe adalah rezon dikomputer loe
    wkwkwk

    *nb*
    sori nald, nama loe gua pinjem,soalnya loe ngeTOP
    wkwkwk
    Last edited by maphack_user; 02-03-14 at 14:59.

  17. #30
    -Sakurazuka-'s Avatar
    Join Date
    Feb 2013
    Location
    Depok
    Posts
    1,202
    Points
    2,155.66
    Thanks: 12 / 17 / 16

    Default

    kalo dota tool kit itu ada ga bro?

Page 2 of 4 FirstFirst 1234 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •