Classes Autorun Keys Modification

Action1: actionname = "Registry value modified" AND ((OBJECTNAME contains "\Software\Classes" OR (OBJECTNAME endswith "\Software" AND OBJECTVALUENAME startswith "Classes")) AND (OBJECTNAME contains "\Folder\ShellEx\ExtShellFolderViews,\Folder\ShellEx\DragDropHandlers,\Folder\Shellex\ColumnHandlers,\Filter,\Exefile\Shell\Open\Command\(Default),\Directory\Shellex\DragDropHandlers,\Directory\Shellex\CopyHookHandlers,\CLSID\{AC757296-3522-4E11-9862-C17BE5A1767E}\Instance,\CLSID\{ABE3B9A4-257D-4B97-BD1A-294AF496222E}\Instance,\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance,\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance,\Classes\AllFileSystemObjects\ShellEx\DragDropHandlers,\.exe,\.cmd,\ShellEx\PropertySheetHandlers,\ShellEx\ContextMenuHandlers" OR (OBJECTNAME endswith "\Folder\ShellEx" AND OBJECTVALUENAME startswith "ExtShellFolderViews"))) AND (INFORMATION != "(Empty)" AND INFORMATION != "{807583E5-5146-11D5-A672-00B0D022E945}" AND PROCESSNAME != "C:\Windows\System32\drvinst.exe" AND (PROCESSNAME != "C:\Windows\System32\svchost.exe" OR (OBJECTNAME notcontains "\lnkfile\shellex\ContextMenuHandlers" AND (OBJECTNAME notendswith "\lnkfile\shellex\ContextMenuHandlers" OR isNotExist(OBJECTVALUENAME))))) select Action1.HOSTNAME,Action1.MESSAGE,Action1.OBJECTNAME,Action1.PROCESSNAME,Action1.PREVVAL,Action1.CHANGES