GMER 2.2.19882 - http://www.gmer.net Rootkit scan 2017-03-10 18:18:04 Windows 6.2.9200 x64 Running: 3f0i1vpe.exe ---- Registry - GMER 2.2 ---- Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed -1742710062 Reg HKLM\SYSTEM\CurrentControlSet\Services\aswRvrt\Parameters\Instup_14889903379212288@SetupOperations ???4?/???????O??? ???????V?????V???????V??L????????????????????V?V?????????????????????????????? ??????????? ??????????? ??????????? ??????????????????????????????????????????????????????????????????V???V???V???V???V???V????? ???????V???????????V?V????????????&??????????????????????????V?V?????????????????????????? ??????????? ??????????? ??????????? ??????????????????????????????????????????????????????????????????????????????e?????V?V?????????V??????????Tcpip\Parameters\Interfaces\{76F5D0EA-6770-4D13-9974-B997471DCF11}?????????V???V????? ???????V???????????V?V????????????&??????????????????????????????????????e?????V?V?????????V??????????Tcpip\Parameters\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}??????DynDRootClasse???V?V?V???V??????????????? ???????V?????????????V?V??????????????????????se?????V?V???????????????? ????????? ??????????? ????????????????????????????????????????? ????(??????P??????????????????????(??????P???????????????????????????????????????? ???????V?????V???????V??L????????? ?????? Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy@Num 15 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\0@UID {19C1C60A-3C80-47E9-AAC7-7BB950D62181} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\0@Filename C:\Users\?ukasz\AppData\Local\Temp\Rar$EXa0.420\rmq2tm48.exe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\0@DeviceName C:\Users\?ukasz\AppData\Local\Temp\Rar$EXa0.420\rmq2tm48.exe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1@UID {8F951ECE-26FA-4E21-B1FD-F03D5A64336C} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1@Filename C:\Users\?ukasz\AppData\Local\Temp\Rar$EXa0.002\rmq2tm48.exe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1@DeviceName C:\Users\?ukasz\AppData\Local\Temp\Rar$EXa0.002\rmq2tm48.exe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules@Num 5 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\0@Flags 16 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\1@Flags 65536 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\1@DefaultAction 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\1\Allowed Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\1\Allowed@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\1\Blocked Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\1\Blocked@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\2 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\2@Flags 8 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\2@DefaultAction 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\2\Allowed Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\2\Allowed@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\2\Blocked Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\2\Blocked@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\3 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\3@Flags 512 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\3@DefaultAction 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\3\Allowed Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\3\Allowed@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\3\Blocked Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\3\Blocked@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\4 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\4@Flags 4096 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\4@DefaultAction 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\4\Allowed Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\4\Allowed@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\4\Blocked Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\1\Rules\4\Blocked@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\10@UID {E20272F6-EB6C-4816-84EB-FC1C971B8388} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\10@Flags 2 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\10@Filename %windir%\explorer.exe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\10@DeviceName C:\Windows\explorer.exe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\10@TreatAs Aplikacja systemu Windows Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\11@UID {BF8F6D19-2225-471F-A56E-99B35D293ECC} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\11@Flags 9 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\11@DeviceName Aplikacje Windows Update Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\11@TreatAs Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12@UID {464EC53D-57DD-45B5-AF36-25F768D301F6} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12@Flags 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12@DeviceName COMODO Internet Security Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12@TreatAs Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections@Num 2 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0@Flags 4 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0\Exceptions Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0\Exceptions@Num 5 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0\Exceptions\0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0\Exceptions\0@UID {3632D0C4-EECB-473B-A319-6E3466677D4D} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0\Exceptions\0@Flags 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0\Exceptions\0@DeviceName Systemowe aplikacje Windows Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0\Exceptions\1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0\Exceptions\1@UID {FB5E0B75-430F-41CB-BE32-779336666ADC} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0\Exceptions\1@Flags 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0\Exceptions\1@Filename C:\Programy\COMODO\COMODO Internet Security\* Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0\Exceptions\1@DeviceName C:\Programy\COMODO\COMODO Internet Security\* Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0\Exceptions\2 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0\Exceptions\2@UID {1A65BD62-E56C-4490-8D16-3A0795A7EEDF} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0\Exceptions\2@Flags 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0\Exceptions\2@Filename %windir%\explorer.exe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0\Exceptions\2@DeviceName C:\Windows\explorer.exe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0\Exceptions\3 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0\Exceptions\3@UID {25A70E1C-CB6A-4CAB-A79C-E2905E7FA721} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0\Exceptions\3@Flags 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0\Exceptions\3@Filename %windir%\system32\msiexec.exe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0\Exceptions\3@DeviceName C:\Windows\System32\msiexec.exe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0\Exceptions\4 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0\Exceptions\4@UID {A659A3B6-CC96-425E-A486-EB5824FA3A17} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0\Exceptions\4@Condition Platform==x64 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0\Exceptions\4@Flags 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0\Exceptions\4@Filename %windir%\SysWOW64\msiexec.exe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\0\Exceptions\4@DeviceName C:\Windows\SysWOW64\msiexec.exe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\1@Flags 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\1\Exceptions Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\1\Exceptions@Num 4 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\1\Exceptions\0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\1\Exceptions\0@UID {90D63AB2-CD84-4246-BA81-728B2007EB8E} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\1\Exceptions\0@Flags 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\1\Exceptions\0@DeviceName Systemowe aplikacje Windows Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\1\Exceptions\1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\1\Exceptions\1@UID {8EC3779D-0D8A-4877-BB03-C32F268E22DB} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\1\Exceptions\1@Flags 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\1\Exceptions\1@Filename C:\Programy\COMODO\COMODO Internet Security\* Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\1\Exceptions\1@DeviceName C:\Programy\COMODO\COMODO Internet Security\* Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\1\Exceptions\2 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\1\Exceptions\2@UID {5F278254-E4A2-4024-8C45-1CDD0DE2BD22} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\1\Exceptions\2@Flags 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\1\Exceptions\2@Filename %windir%\system32\msiexec.exe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\1\Exceptions\2@DeviceName C:\Windows\System32\msiexec.exe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\1\Exceptions\3 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\1\Exceptions\3@UID {E004E1EE-CB3E-4834-AC06-F0A33899EA4D} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\1\Exceptions\3@Condition Platform==x64 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\1\Exceptions\3@Flags 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\1\Exceptions\3@Filename %windir%\SysWOW64\msiexec.exe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Protections\1\Exceptions\3@DeviceName C:\Windows\SysWOW64\msiexec.exe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules@Num 13 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\0@Flags 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\0@DefaultAction 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\0\Allowed Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\0\Allowed@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\0\Blocked Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\0\Blocked@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\1@Flags 4 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\1@DefaultAction 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\1\Allowed Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\1\Allowed@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\1\Blocked Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\1\Blocked@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\10 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\10@Flags 8 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\10@DefaultAction 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\10\Allowed Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\10\Allowed@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\10\Blocked Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\10\Blocked@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\11 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\11@Flags 65536 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\11@DefaultAction 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\11\Allowed Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\11\Allowed@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\11\Blocked Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\11\Blocked@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\12 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\12@Flags 512 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\12@DefaultAction 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\12\Allowed Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\12\Allowed@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\12\Blocked Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\12\Blocked@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\2 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\2@Flags 1024 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\2@DefaultAction 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\2\Allowed Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\2\Allowed@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\2\Blocked Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\2\Blocked@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\3 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\3@Flags 2048 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\3@DefaultAction 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\3\Allowed Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\3\Allowed@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\3\Blocked Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\3\Blocked@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\4 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\4@Flags 4096 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\4@DefaultAction 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\4\Allowed Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\4\Allowed@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\4\Blocked Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\4\Blocked@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\5 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\5@Flags 32 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\5@DefaultAction 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\5\Allowed Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\5\Allowed@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\5\Blocked Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\5\Blocked@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\6 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\6@Flags 64 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\6@DefaultAction 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\6\Allowed Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\6\Allowed@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\6\Blocked Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\6\Blocked@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\7 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\7@Flags 128 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\7@DefaultAction 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\7\Allowed Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\7\Allowed@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\7\Blocked Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\7\Blocked@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\8 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\8@Flags 256 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\8@DefaultAction 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\8\Allowed Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\8\Allowed@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\8\Blocked Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\8\Blocked@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\9 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\9@Flags 16 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\9@DefaultAction 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\9\Allowed Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\9\Allowed@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\9\Blocked Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\12\Rules\9\Blocked@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13@UID {7EE319E2-2A20-4808-8B9B-0E2B2C0857C4} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13@Flags 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13@DeviceName Wszystkie aplikacje Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules@Num 6 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\0@Flags 16 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\0@DefaultAction 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\0\Allowed Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\0\Allowed@Num 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\0\Allowed\0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\0\Allowed\0@UID {99556C37-F5D6-4BB4-8FF3-436416F55CA5} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\0\Allowed\0@Flags 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\0\Allowed\0@DeviceName Pliki tymczasowe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\0\Blocked Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\0\Blocked@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\1@Flags 8 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\1@DefaultAction 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\1\Allowed Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\1\Allowed@Num 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\1\Allowed\0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\1\Allowed\0@UID {FB1F18F2-7F3E-4A1D-997C-6367A057DC7B} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\1\Allowed\0@Flags 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\1\Allowed\0@DeviceName Klucze tymczasowe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\1\Blocked Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\1\Blocked@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\2 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\2@Flags 2 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\2@DefaultAction 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\2\Allowed Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\2\Allowed@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\2\Blocked Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\2\Blocked@Num 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\2\Blocked\0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\2\Blocked\0@UID {386F35A6-CAF7-4FAA-9834-249073E57F09} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\2\Blocked\0@Condition Os==Vista || Os==Win7 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\2\Blocked\0@Flags 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\2\Blocked\0@Filename ?:\$Recycle.Bin\* Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\2\Blocked\0@DeviceName ?:\$Recycle.Bin\* Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3@Flags 2048 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3@DefaultAction 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed@Num 8 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\0@UID {6F3E9CF9-DC82-4E8A-80FF-977E6FB4AF5F} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\0@Flags 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\0@Filename %windir%\system32\msctf.dll Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\0@DeviceName C:\Windows\System32\msctf.dll Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\1@UID {67BFEF20-B462-4808-A11B-DAC8CA6B17AC} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\1@Flags 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\1@Filename %windir%\system32\shell32.dll Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\1@DeviceName C:\Windows\System32\shell32.dll Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\2 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\2@UID {EBAC2E3F-003B-422F-8331-8765101B5A7C} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\2@Flags 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\2@Filename %windir%\system32\browseui.dll Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\2@DeviceName C:\Windows\System32\browseui.dll Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\3 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\3@UID {948D397E-4E3A-4BD3-B9CF-1206C407044A} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\3@Flags 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\3@Filename %windir%\system32\ieframe.dll Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\3@DeviceName C:\Windows\System32\ieframe.dll Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\4 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\4@UID {B3BC1BE3-54DC-4B87-A3D0-AC779DE1B95C} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\4@Condition Platform==x64 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\4@Flags 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\4@Filename %windir%\SysWOW64\msctf.dll Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\4@DeviceName C:\Windows\SysWOW64\msctf.dll Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\5 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\5@UID {AE2A65FD-113B-4487-9FC3-F697774A9130} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\5@Condition Platform==x64 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\5@Flags 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\5@Filename %windir%\SysWOW64\shell32.dll Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\5@DeviceName C:\Windows\SysWOW64\shell32.dll Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\6 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\6@UID {0C38728C-5E93-4E66-BBDC-9DBB33A010C1} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\6@Condition Platform==x64 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\6@Flags 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\6@Filename %windir%\SysWOW64\browseui.dll Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\6@DeviceName C:\Windows\SysWOW64\browseui.dll Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\7 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\7@UID {3D17C4E5-72A3-4365-A9B1-877147FD4B2E} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\7@Condition Platform==x64 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\7@Flags 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\7@Filename %windir%\SysWOW64\ieframe.dll Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Allowed\7@DeviceName C:\Windows\SysWOW64\ieframe.dll Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Blocked Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\3\Blocked@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\4 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\4@Flags 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\4@DefaultAction 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\4\Allowed Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\4\Allowed@Num 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\4\Allowed\0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\4\Allowed\0@UID {B9D15C26-2C23-4197-8E93-7F6A61771E35} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\4\Allowed\0@Flags 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\4\Allowed\0@Filename %windir%\system32\ctfmon.exe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\4\Allowed\0@DeviceName C:\Windows\System32\ctfmon.exe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\4\Blocked Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\4\Blocked@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\5 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\5@Flags 4 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\5@DefaultAction 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\5\Allowed Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\5\Allowed@Num 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\5\Allowed\0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\5\Allowed\0@UID {3F50C469-8260-4B2D-A6BA-ED87AC7D988C} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\5\Allowed\0@Flags 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\5\Allowed\0@Filename * Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\5\Allowed\0@DeviceName * Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\5\Blocked Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\13\Rules\5\Blocked@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\14@UID {1FAA9565-83A4-4D6F-A59A-0B15D549C103} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\14@Flags 3 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\14@DeviceName COMODO Applications Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\14@TreatAs Zaufana aplikacja Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\14\Protections@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\14\Rules@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\2@UID {404BD9CE-41DF-4C18-BE6E-4A0BA9610224} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\2@Filename C:\Programy\WinRAR\WinRAR.exe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\2@DeviceName C:\Programy\WinRAR\WinRAR.exe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\2\Rules@Num 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\2\Rules\0@Flags 2 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\3@UID {AC6647FE-0F49-4416-B707-4A9F3511FD79} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\3@Filename C:\ProgramData\Comodo\Cis\tempscrpt\C_cmd.exe_2B598B565A009EFEE7A0EAC74B45E94EDEBEA01C.bat Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\3@DeviceName C:\ProgramData\Comodo\Cis\tempscrpt\C_cmd.exe_2B598B565A009EFEE7A0EAC74B45E94EDEBEA01C.bat Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\3\Rules@Num 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\3\Rules\0@Flags 2 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\4@UID {117D6C25-A652-44C5-9441-C6067B4D2345} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\4@Filename C:\ProgramData\Comodo\Cis\tempscrpt\C_cmd.exe_011D6E74E2956D119707C7997B0D0F77D0DF2653.bat Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\4@DeviceName C:\ProgramData\Comodo\Cis\tempscrpt\C_cmd.exe_011D6E74E2956D119707C7997B0D0F77D0DF2653.bat Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\5@UID {5EBB943F-3145-4522-92E3-D2E00654A024} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\5@Filename C:\Windows\ERUNT.exe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\5@DeviceName C:\Windows\ERUNT.exe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\5\Rules\0@Flags 4096 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\6@UID {9DDC5572-97AD-44D7-936C-09EB501B9DAC} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\6@Filename C:\Windows\System32\cmd.exe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\6@DeviceName C:\Windows\System32\cmd.exe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7@UID {9EDE8673-977E-4DF2-9BDC-806325AAA5AC} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7@Filename E:\Programy\FRST64 (1).exe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7@DeviceName E:\Programy\FRST64 (1).exe Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules@Num 5 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\1@Flags 65536 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\1@DefaultAction 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\1\Allowed Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\1\Allowed@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\1\Blocked Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\1\Blocked@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\2 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\2@Flags 8 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\2@DefaultAction 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\2\Allowed Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\2\Allowed@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\2\Blocked Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\2\Blocked@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\3 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\3@Flags 2 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\3@DefaultAction 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\3\Allowed Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\3\Allowed@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\3\Blocked Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\3\Blocked@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\4 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\4@Flags 16 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\4@DefaultAction 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\4\Allowed Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\4\Allowed@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\4\Blocked Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\7\Rules\4\Blocked@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\8@UID {E81BF535-BEA7-4AC0-9AB8-DEC5660DD71A} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\8@Flags 3 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\8@DeviceName Aplikacje Modern UI Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\8@TreatAs Zaufana aplikacja Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\8\Rules@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\9@UID {D8BB81BF-82CE-4D25-A77E-4BFC97C565DD} Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\9@Flags 3 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\9@DeviceName Systemowe aplikacje Windows Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\9@TreatAs Aplikacja systemu Windows Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\CisConfigs\2\HIPS\Policy\9\Rules@Num 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\Mode\Configurations@SymbolicLinkValue 0x5C 0x00 0x52 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\Mode\Data@SymbolicLinkValue 0x5C 0x00 0x52 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\CmdAgent\Mode\Options@SymbolicLinkValue 0x5C 0x00 0x52 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeEstimated 0x93 0x01 0x0D 0x16 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeHigh 0x93 0x69 0xD1 0x77 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeLow 0x93 0x99 0x48 0xB4 ... Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Software\COMODO\Cam@SymbolicLinkValue 0x5C 0x00 0x52 0x00 ... Reg HKLM\SYSTEM\Software\COMODO\Firewall Pro@SymbolicLinkValue 0x5C 0x00 0x52 0x00 ... Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\JumplistData@C:\Programy\COMODO\COMODO Internet Security\cis.exe 0x14 0x76 0x45 0x9B ... ---- EOF - GMER 2.2 ----