PUA_DOWNAD.GA
Windows
Threat Type:
Potentially Unwanted Application
Destructiveness:
No
Encrypted:
In the wild::
Yes
OVERVIEW
Puede haberlo instalado manualmente un usuario.
TECHNICAL DETAILS
Detalles de entrada
Puede haberlo instalado manualmente un usuario.
Instalación
Infiltra los archivos siguientes:
- %Application Data%\ESTsoft\ALUpdate\Log\ALUpdate.log
- %Application Data%\ESTsoft\Cooperation\shopping_zum.ico
- %Program Files%\ESTsoft\ALUpdate\알툴즈 업데이트.lnk
- %Program Files%\ESTsoft\ALUpdate\ALAd.dll
- %Program Files%\ESTsoft\ALUpdate\ALUpdate.exe
- %Program Files%\ESTsoft\ALUpdate\ALUpdateEx.dll
- %Program Files%\ESTsoft\ALUpdate\ALUpExt.exe
- %Program Files%\ESTsoft\ALUpdate\ALUpProduct.exe
- %Program Files%\ESTsoft\ALUpdate\AZMain.dll
- %Program Files%\ESTsoft\ALUpdate\Banner.ini
- %Program Files%\ESTsoft\ALUpdate\cacerts.pem
- %Program Files%\ESTsoft\ALUpdate\eausvc.exe
- %Program Files%\ESTsoft\ALUpdate\ezt.exe
- %Program Files%\ESTsoft\ALUpdate\ko-kr.dll
- %Program Files%\ESTsoft\ALUpdate\ns{random characters}.tmp
- %Program Files%\ESTsoft\ALUpdate\Simple_ALUpdate.gif
- %Program Files%\ESTsoft\ALUpdate\Simple_Co.gif
- %Program Files%\ESTsoft\ALUpdate\Simple_Public.gif
- %Program Files%\ESTsoft\ALUpdate\unins000.exe
- %Program Files%\ESTsoft\ALZip\알집.lnk
- %Program Files%\ESTsoft\ALZip\7za.dll
- %Program Files%\ESTsoft\ALZip\About.swf
- %Program Files%\ESTsoft\ALZip\ALAd.dll
- %Program Files%\ESTsoft\ALZip\ALMountConn.dll
- %Program Files%\ESTsoft\ALZip\ALMountDrv.sys
- %Program Files%\ESTsoft\ALZip\ALMountDrv64.sys
- %Program Files%\ESTsoft\ALZip\ALMountService.exe
- %Program Files%\ESTsoft\ALZip\ALMountTray.exe
- %Program Files%\ESTsoft\ALZip\ALSTS.dll
- %Program Files%\ESTsoft\ALZip\ALUpdate.dll
- %Program Files%\ESTsoft\ALZip\ALZip.exe
- %Program Files%\ESTsoft\ALZip\ALZipCon.exe
- %Program Files%\ESTsoft\ALZip\ALZipIcon.dll
- %Program Files%\ESTsoft\ALZip\AZCTM.dll
- %Program Files%\ESTsoft\ALZip\AZCTM64.dll
- %Program Files%\ESTsoft\ALZip\Banner\DefBanner2.gif
- %Program Files%\ESTsoft\ALZip\Banner\DefBanner3.gif
- %Program Files%\ESTsoft\ALZip\Cabinet.dll
- %Program Files%\ESTsoft\ALZip\Coders\AZO.dll
- %Program Files%\ESTsoft\ALZip\Coders\BZ2.dll
- %Program Files%\ESTsoft\ALZip\Coders\Coder7z.dll
- %Program Files%\ESTsoft\ALZip\Coders\Deflate.dll
- %Program Files%\ESTsoft\ALZip\Coders\Implode.dll
- %Program Files%\ESTsoft\ALZip\Coders\LZH.dll
- %Program Files%\ESTsoft\ALZip\Coders\LZMA.dll
- %Program Files%\ESTsoft\ALZip\Coders\PPMD.dll
- %Program Files%\ESTsoft\ALZip\dbghelp.dll
- %Program Files%\ESTsoft\ALZip\ECRSC.dll
- %Program Files%\ESTsoft\ALZip\ECRSC_KR.dll
- %Program Files%\ESTsoft\ALZip\EGGSFX.sfx
- %Program Files%\ESTsoft\ALZip\EULA.rtf
- %Program Files%\ESTsoft\ALZip\Formats\7z.dll
- %Program Files%\ESTsoft\ALZip\Formats\Ace.dll
- %Program Files%\ESTsoft\ALZip\Formats\Alz.dll
- %Program Files%\ESTsoft\ALZip\Formats\BZip.dll
- %Program Files%\ESTsoft\ALZip\Formats\Cab.dll
- %Program Files%\ESTsoft\ALZip\Formats\CDImage.dll
- %Program Files%\ESTsoft\ALZip\Formats\Egg.dll
- %Program Files%\ESTsoft\ALZip\Formats\ETC.dll
- %Program Files%\ESTsoft\ALZip\Formats\GZip.dll
- %Program Files%\ESTsoft\ALZip\Formats\Lha.dll
- %Program Files%\ESTsoft\ALZip\Formats\Rar.dll
- %Program Files%\ESTsoft\ALZip\Formats\Tar.dll
- %Program Files%\ESTsoft\ALZip\Formats\Zip.dll
- %Program Files%\ESTsoft\ALZip\gdiplus.dll
- %Program Files%\ESTsoft\ALZip\icudt42.dll
- %Program Files%\ESTsoft\ALZip\icuuc42.dll
- %Program Files%\ESTsoft\ALZip\LGPL.txt
- %Program Files%\ESTsoft\ALZip\libETC.dll
- %Program Files%\ESTsoft\ALZip\License.txt
- %Program Files%\ESTsoft\ALZip\MFC90KOR.dll
- %Program Files%\ESTsoft\ALZip\mfc90u.dll
- %Program Files%\ESTsoft\ALZip\Microsoft.VC90.CRT.manifest
- %Program Files%\ESTsoft\ALZip\Microsoft.VC90.MFC.manifest
- %Program Files%\ESTsoft\ALZip\Microsoft.VC90.MFCLOC.manifest
- %Program Files%\ESTsoft\ALZip\msvcp90.dll
- %Program Files%\ESTsoft\ALZip\msvcr90.dll
- %Program Files%\ESTsoft\ALZip\NewEgg.dat
- %Program Files%\ESTsoft\ALZip\NewZip.dat
- %Program Files%\ESTsoft\ALZip\ns{random characters}.tmp
- %Program Files%\ESTsoft\ALZip\readme.txt
- %Program Files%\ESTsoft\ALZip\splash.bmp
- %Program Files%\ESTsoft\ALZip\Styles\Office2013.dll
- %Program Files%\ESTsoft\ALZip\ToolkitPro.ResourceKo.dll
- %Program Files%\ESTsoft\ALZip\ToolkitPro1640vc90U.dll
- %Program Files%\ESTsoft\ALZip\unacev2.dll
- %Program Files%\ESTsoft\ALZip\unins000.exe
- %Program Files%\ESTsoft\ALZip\unrar.dll
- %Program Files%\ESTsoft\Common\ALSTSCollector.exe
- %Program Files%\ESTsoft\Common\ezt.exe
- %Program Files%\ESTsoft\Common\ns{random characters}.tmp
- %Start Menu%\알집.lnk
- %System Root%\Users\Public\Desktop\알집.lnk
- %User Temp%\ns{random characters}.tmD\EstUrl.dll
- %User Temp%\ns{random characters}.tmD\newadvsplash.dll
- %User Temp%\ns{random characters}.tmD\PromotionSetter.dll
- %User Temp%\ns{random characters}.tmD\StartInfo.htm
- %User Temp%\ns{random characters}.tmD\stext
- %User Temp%\ns{random characters}.tmp
(Nota: %Application Data% es la carpeta Application Data del usuario activo, que en el caso de Windows 98 y ME suele estar ubicada en C:\Windows\Profiles\{nombre de usuario}\Application Data, en el caso de Windows NT en C:\WINNT\Profiles\{nombre de usuario}\Application Data y en el caso de Windows 2000, XP y Server 2003 en C:\Documents and Settings\{nombre de usuario}\Local Settings\Application Data).
. %Program Files% es la carpeta Archivos de programa predeterminada, que suele estar en C:\Archivos de programa).. %Start Menu% es la carpeta Menú Inicio del usuario activo, que en el caso de Windows 98 y ME suele estar ubicada en C:\Windows\Profiles\{nombre de usuario}\Menú Inicio, en el caso de Windows NT en C:\WINNT\Profiles\{nombre de usuario}\Menú Inicio y en el caso de Windows 2000, XP y Server 2003 en C:\Documents and Settings\{nombre de usuario}\Menú Inicio).. %System Root% es la carpeta raíz, normalmente C:\. También es la ubicación del sistema operativo).. %User Temp% es la carpeta Temp del usuario activo, que en el caso de Windows 2000, XP y Server 2003 suele estar en C:\Documents and Settings\{nombre de usuario}\Local Settings\Temp).)Crea las carpetas siguientes:
- %Application Data%\ESTsoft
- %Application Data%\ESTsoft\ALUpdate
- %Application Data%\ESTsoft\ALUpdate\Log
- %Application Data%\ESTsoft\Cooperation
- %Program Files%\ESTsoft
- %Program Files%\ESTsoft\ALUpdate
- %Program Files%\ESTsoft\ALZip
- %Program Files%\ESTsoft\ALZip\Banner
- %Program Files%\ESTsoft\ALZip\Coders
- %Program Files%\ESTsoft\ALZip\Formats
- %Program Files%\ESTsoft\ALZip\Styles
- %Program Files%\ESTsoft\Common
- %User Temp%\ns{random characters}.tmD
(Nota: %Application Data% es la carpeta Application Data del usuario activo, que en el caso de Windows 98 y ME suele estar ubicada en C:\Windows\Profiles\{nombre de usuario}\Application Data, en el caso de Windows NT en C:\WINNT\Profiles\{nombre de usuario}\Application Data y en el caso de Windows 2000, XP y Server 2003 en C:\Documents and Settings\{nombre de usuario}\Local Settings\Application Data).
. %Program Files% es la carpeta Archivos de programa predeterminada, que suele estar en C:\Archivos de programa).. %User Temp% es la carpeta Temp del usuario activo, que en el caso de Windows 2000, XP y Server 2003 suele estar en C:\Documents and Settings\{nombre de usuario}\Local Settings\Temp).)Otras modificaciones del sistema
Agrega las siguientes entradas de registro como parte de la rutina de instalación:
HKEY_CURRENT_USER\Software\ESTsoft
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.001
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.7z
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.ace
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.alz
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.arc
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.arj
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.b64
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.bh
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.bhx
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.bin
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.bz
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.bz2
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.cab
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.ear
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.egg
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.enc
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.gz
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.ha
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.hqx
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.ice
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.img
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.iso
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.jar
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.lcd
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.lha
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.lzh
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.mim
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.nrg
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.pak
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.rar
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.tar
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.tbz
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.tbz2
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.tgz
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.uu
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.uue
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.war
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.xxe
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.xz
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.z
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.zip
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.zoo
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
SOFTWARE\ESTsoft\ALZip
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALBanner
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALSTS
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALUpdate
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities
Agrega las siguientes entradas de registro:
HKEY_CURRENT_USER\Software\ESTsoft\
ALUpdate
(Default) = ""
HKEY_CURRENT_USER\Software\ESTsoft\
ALUpdate
language = "ko-KR"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip
(Default) = ""
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip
LanguageResource = ""
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip
RootDir = "%Program Files%\ESTsoft\ALZip"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip
Version = "10.73"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
AutoCloseCompress = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
AutoCloseExtract = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
AutoTestResultType = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
AutoTestType = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
CascadedContextMenu = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
CheckUsedIcon = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
CompressionTempPath = ""
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
CompressionTempPathType = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuExtra1 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuExtra1_2 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuExtra1_3 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuExtra2 = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuExtra2_2 = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuExtra2_3 = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuExtra3 = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuExtra3_2 = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuExtra3_3 = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuExtra4 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuExtra4_2 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuExtra4_3 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuExtra5 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuExtra5_2 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuExtra5_3 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnArchive1 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnArchive1_2 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnArchive1_3 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnArchive2 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnArchive2_2 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnArchive2_3 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnArchive3 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnArchive3_2 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnArchive3_3 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnArchive4 = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnArchive4_2 = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnArchive4_3 = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnArchive5 = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnArchive5_2 = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnArchive5_3 = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnArchive6 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnArchive6_2 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnArchive6_3 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnArchive7 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnArchive7_2 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnArchive7_3 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnFiles1 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnFiles1_2 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnFiles1_3 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnFiles2 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnFiles2_2 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnFiles2_3 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnFiles3 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnFiles3_2 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ContextMenuOnFiles3_3 = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
CreateFilenameFolderUnderSelectedFolder = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
DefaultArchiveFormat = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
DefaultProgram = ""
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
DefaultSplitSizeType = "2"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ExecuteDefPrgIfNotRegisteredPrg = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ExtensionCheckRule = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ExtractLastPath = ""
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
LastCompressFormat = "zip"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
LastThreadCount = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ListViewSortIndex = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ListViewStyle = "3"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
MainBottomSectionSize = "100"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
MainLeftSectionSize = "206"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
MyDefaultFolder = "."
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
MyDefaultFolderType = "3"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
NewArchiveDialogExpanded = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
NoMsgDeletingTempFiles = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
NoShowAttachMailMsg = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
OpenDialogIncFullPath = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
OpenDialogIncSubFolders = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
OpenFolderAfterExtract = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ReplaceDialogAll = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ReplaceDialogDoType = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ReplaceDialogOverwriteType = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ScanVirusOnExtracting = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
SearchIgnoreCase = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ShowArchiveComment = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ShowColumnAttribute = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ShowColumnComment = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ShowColumnCRC = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ShowColumnDirectory = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ShowColumnMethod = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ShowColumnModifiedDate = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ShowColumnPackedSize = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ShowColumnRatio = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ShowColumnType = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ShowColumnUnpackedSize = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ShowColumnVolume = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ShowLeftSection = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ShowStatusBar = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
ShowToolBar = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
SmartTarGz = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
SortColumn = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
SpecifiedProgram = "notepad.exe"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
SpeedExtractorType = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
UnassociateExtensions = ""
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
UseContextMenu = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
UseFullRowSelect = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
UsePasswordMask = "1"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
UseSmartHeaderCheck = "0"
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
VirusScanner = ""
HKEY_CURRENT_USER\Software\ESTsoft\
ALZip\Config
VirusScannerParam = ""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip
(Default) = ""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.001\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,34"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.001\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.001\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.7z\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,35"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.7z\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.7z\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.ace\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,3"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.ace\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.ace\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.alz\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,1"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.alz\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.alz\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.alz\ShellEx\DropHandler
(Default) = "{4EB37360-49E8-11D3-95B5-004033382980}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.arc\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,4"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.arc\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.arc\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.arj\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,5"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.arj\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.arj\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.b64\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,6"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.b64\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.b64\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.bh\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,7"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.bh\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.bh\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.bhx\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,8"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.bhx\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.bhx\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.bin\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,9"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.bin\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.bin\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.bz\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,38"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.bz\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.bz\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.bz2\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,10"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.bz2\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.bz2\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.cab\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,11"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.cab\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.cab\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.ear\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,12"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.ear\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.ear\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.egg\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,36"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.egg\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.egg\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.egg\ShellEx\DropHandler
(Default) = "{4EB37360-49E8-11D3-95B5-004033382980}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.enc\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,13"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.enc\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.enc\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.gz\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,14"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.gz\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.gz\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.ha\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,15"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.ha\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.ha\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.hqx\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,16"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.hqx\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.hqx\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.ice\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,17"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.ice\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.ice\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.img\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,39"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.img\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.img\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.iso\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,18"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.iso\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.iso\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.jar\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,19"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.jar\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.jar\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.jar\ShellEx\DropHandler
(Default) = "{4EB37360-49E8-11D3-95B5-004033382980}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.lcd\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,20"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.lcd\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.lcd\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.lha\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,21"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.lha\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.lha\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.lha\ShellEx\DropHandler
(Default) = "{GUID}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.lzh\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,22"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.lzh\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.lzh\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.lzh\ShellEx\DropHandler
(Default) = "{GUID}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.mim\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,23"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.mim\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.mim\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.nrg\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,40"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.nrg\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.nrg\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.pak\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,24"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.pak\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.pak\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.rar\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,25"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.rar\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.rar\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.tar\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,26"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.tar\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.tar\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.tar\ShellEx\DropHandler
(Default) = "{GUID}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.tbz\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,37"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.tbz\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.tbz\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.tbz\ShellEx\DropHandler
(Default) = "{GUID}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.tbz2\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,37"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.tbz2\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.tbz2\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.tbz2\ShellEx\DropHandler
(Default) = "{GUID}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.tgz\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,27"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.tgz\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.tgz\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.tgz\ShellEx\DropHandler
(Default) = "{GUID}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.uu\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,28"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.uu\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.uu\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.uue\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,28"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.uue\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.uue\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.war\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,29"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.war\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.war\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.xxe\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,30"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.xxe\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.xxe\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.xz\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,41"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.xz\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.xz\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.z\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,31"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.z\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.z\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.zip\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,32"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.zip\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.zip\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.zip\ShellEx\DropHandler
(Default) = "{GUID}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.zoo\DefaultIcon
(Default) = "%Program Files%\ESTsoft\ALZip\ALZipIcon.dll,33"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.zoo\Shell\Open
FriendlyAppName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
ALZip.zoo\Shell\Open\
Command
(Default) = "%Program Files%\ESTsoft\ALZip\ALZip.exe "%1""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
SOFTWARE\ESTsoft\ALZip
(Default) = ""
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALBanner
Locale = "ko-KR"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALSTS
(Default) = ""
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALSTS
Locale = "ko-KR"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALSTS
RootDir = "%Program Files%\ESTsoft\Common"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALSTS
WebService = "http://{BLOCKED}R.{BLOCKED}S.altools.com/ALSTSService.asmx"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALUpdate
(Default) = ""
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALUpdate
language = "ko-KR"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALUpdate
RootDir = "%Program Files%\ESTsoft\ALUpdate"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALUpdate
WebService = "http://ko-KR.alupdate.altools.com/UpdateService.asmx"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip
(Default) = ""
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip
AdditionalVersion = ""
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip
ALUpdatePlan = "U"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip
EULAVersion = "38"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip
FullVersion = "10.73.0.1"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip
LanguageResource = ""
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip
Locale = "ko-KR"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip
ProductNo = "0"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip
RootDir = "%Program Files%\ESTsoft\ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip
Version = "10.73"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities
ApplicationName = "ALZip"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.001 = "ALZip.001"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.7z = "ALZip.7z"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.ace = "ALZip.ace"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.alz = "ALZip.alz"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.arc = "ALZip.arc"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.arj = "ALZip.arj"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.b64 = "ALZip.b64"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.bh = "ALZip.bh"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.bhx = "ALZip.bhx"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.bin = "ALZip.bin"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.bz = "ALZip.bz"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.bz2 = "ALZip.bz2"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.cab = "ALZip.cab"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.ear = "ALZip.ear"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.egg = "ALZip.egg"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.enc = "ALZip.enc"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.gz = "ALZip.gz"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.ha = "ALZip.ha"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.hqx = "ALZip.hqx"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.ice = "ALZip.ice"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.img = "ALZip.img"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.iso = "ALZip.iso"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.jar = "ALZip.jar"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.lcd = "ALZip.lcd"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.lha = "ALZip.lha"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.lzh = "ALZip.lzh"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.mim = "ALZip.mim"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.nrg = "ALZip.nrg"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.pak = "ALZip.pak"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.rar = "ALZip.rar"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.tar = "ALZip.tar"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.tbz = "ALZip.tbz"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.tbz2 = "ALZip.tbz2"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.tgz = "ALZip.tgz"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.uu = "ALZip.uu"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.uue = "ALZip.uue"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.war = "ALZip.war"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.xxe = "ALZip.xxe"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.xz = "ALZip.xz"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.z = "ALZip.z"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.zip = "ALZip.zip"
HKEY_LOCAL_MACHINE\SOFTWARE\ESTsoft\
ALZip\Capabilities\FileAssociations
.zoo = "ALZip.zoo"
SOLUTION
Step 1
Los usuarios de Windows ME y XP, antes de llevar a cabo cualquier exploración, deben comprobar que tienen desactivada la opción Restaurar sistema para permitir la exploración completa del equipo.
Step 3
Identificar y terminar los archivos detectados como PUA_DOWNAD.GA
- Para los usuarios de Windows 98 y ME, puede que el Administrador de tareas de Windows no muestre todos los procesos en ejecución. En tal caso, utilice un visor de procesos de una tercera parte (preferiblemente, el Explorador de procesos) para terminar el archivo de malware/grayware/spyware. Puede descargar la herramienta en cuestión aquí.
- Si el archivo detectado aparece en el Administrador de tareas o en el Explorador de procesos, pero no puede eliminarlo, reinicie el equipo en modo seguro. Para ello, consulte este enlace para obtener todos los pasos necesarios.
- Si el archivo detectado no se muestra en el Administrador de tareas o el Explorador de procesos, prosiga con los pasos que se indican a continuación.
Step 4
Quitar PUA_DOWNAD.GA por medio de su propia opción de desinstalación
Step 5
Explorar el equipo con su producto de Trend Micro para eliminar los archivos detectados como PUA_DOWNAD.GA En caso de que el producto de Trend Micro ya haya limpiado, eliminado o puesto en cuarentena los archivos detectados, no serán necesarios más pasos. Puede optar simplemente por eliminar los archivos en cuarentena. Consulte esta página de Base de conocimientos para obtener más información.
Did this description help? Tell us how we did.