File: d72f1d50c36919429c218e1dc2762277
Metadata
| 8d0ecbc0-b60f-11e6-bab4-80e65024849a.file.zip | |
| Zip archive data, at least v2.0 to extract | 373266 bytes |
| 2016-12-01 15:57:36 | |
| d72f1d50c36919429c218e1dc2762277 | |
| 3ade65ed8a93ddb56359a6eeda312dd9c6481f78 | |
| 601b4cd3c747b707efc5200cbe5b2e11b5406bf2c794a89adb277c17348a0eeb | |
| 2367fe4052c587fca5cb365c2170a8ca4f2e713ec6c2a6a955ce2208884167c900a65a441b3a97364e688d5ea5f98e3a3d3fac7c3a96cad5ac788890a7e34615 | |
| 6144:jUZoViAcultIg7Y/JNHwOjCeD5OB+d6DAvvm7ub97yY/rbtIZtSU+9T5XEBWNttI:jUZcRc4R7yrjC85AXU3miB7yCIZtS19Y | |
| N/A | |
| N/A | |
APTNotes
Cyber threat intelligence reports associated with d72f1d50c36919429c218e1dc2762277.
Cyber threat intelligence reports associated with d72f1d50c36919429c218e1dc2762277.
Domains
Domains the malware sample communicates with.
Domains the malware sample communicates with.
Hosts
Hosts the malware sample communicates with.
Hosts the malware sample communicates with.
HTTP Requests
HTTP requests the malware sample makes.
HTTP requests the malware sample makes.
| Host | URL | User-Agent |
|---|---|---|
| cdn.bisrv.com | /sdk/binsis/2.1/BiTool.dll | NSIS_Inetc (Mozilla) |
AV Detections
AV detection names associated with the malware sample.
AV detection names associated with the malware sample.
Mutants
Mutants created by the malware sample.
Mutants created by the malware sample.
Registry keys
Registry keys created by the malware sample.
Registry keys created by the malware sample.
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Applications\8d0ecbc0-b60f-11e6-bab4-80e65024849a.file |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{20D04FE0-3AEA-1069-A2D8-08002B30309D} |
| HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\InProcServer32 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{475c7950-e3d2-11e0-8d7a-806d6172696f}\ |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{475c7952-e3d2-11e0-8d7a-806d6172696f}\ |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{475c7952-e3d2-11e0-8d7a-806d6172696f}\ |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{475c7950-e3d2-11e0-8d7a-806d6172696f}\ |
| HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions |
| HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9} |
| HKEY_CLASSES_ROOT\Directory |
| HKEY_CLASSES_ROOT\Directory\CurVer |
| HKEY_CLASSES_ROOT\Directory\ |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced |
| HKEY_CLASSES_ROOT\Directory\\ShellEx\IconHandler |
| HKEY_CLASSES_ROOT\Directory\\Clsid |
| HKEY_CLASSES_ROOT\Folder |
| HKEY_CLASSES_ROOT\Folder\Clsid |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\Unlocker.exe |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\IMM |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF |
| HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\SystemShared |
| HKEY_CURRENT_USER\Keyboard Layout\Toggle |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF\LangBarAddIn\ |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\LangBarAddIn\ |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Unlocker |
| HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B83AF3AB-4FED-45D1-A8B8-9E66F3411813} |
| HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings |
| HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl |
| HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache |
| HKEY_LOCAL_MACHINE\System\Setup |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\Path1 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\Path2 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\Path3 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\Path4 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Special Paths |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012014092220140929 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012014092920140930 |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_AUTOPROXY_CACHE_ANAME_KB921400 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_TEMPORARYFILES_FOR_NOCACHE_840387 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_TEMPORARYFILES_FOR_NOCACHE_840386 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\RETRY_HEADERONLYPOST_ONCONNECTIONRESET |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CHUNK_TIMEOUT_KB914453 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CERT_TRUST_VERIFIED_KB936882 |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache |
| HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache |
| HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BUFFERBREAKING_818408 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SKIP_POST_RETRY_ON_INTERNETWRITEFILE_KB895954 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENSURE_FQDN_FOR_NEGOTIATE_KB899417 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_DISABLE_NTLM_PREAUTH_IF_ABORTED_KB902409 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PERMIT_CACHE_FOR_AUTHENTICATED_FTP_KB910274 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WPAD_STORE_URL_AS_FQDN_KB903926 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_CNAME_FOR_SPN_KB911149 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_KEEP_CACHE_INDEX_OPEN_KB899342 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WAIT_TIME_THREAD_TERMINATE_KB886801 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FIX_CHUNKED_PROXY_SCRIPT_DOWNLOAD_KB843289 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE |
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Http Filters\RPA |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Http Filters\RPA |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INCLUDE_PORT_IN_SPN_KB908209 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\RASAPI32 |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004 |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Microsoft\windows\CurrentVersion\Internet Settings |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ComputerName |
| ActiveComputerName |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-1547161642-507921405-839522115-1004 |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Microsoft\Windows NT\CurrentVersion\Winlogon |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Environment |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Volatile Environment |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Microsoft\windows\CurrentVersion\Internet Settings\Connections |
| HKEY_CURRENT_CONFIG\Software\Microsoft\windows\CurrentVersion\Internet Settings |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\\Ranges\ |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\\0 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\\1 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\\2 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\\3 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\\4 |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4 |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\ |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\ |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\ |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_URLHOSTNAME |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\\Domains\bisrv.com |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\bisrv.com |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\\ProtocolDefaults\ |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESPECT_OBJECTSAFETY_POLICY_KB905547 |
| HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/octet-stream |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager |
| HKEY_CURRENT_USER\Software\Microsoft\windows\CurrentVersion\Explorer\AutoComplete |
| HKEY_LOCAL_MACHINE\Software\Microsoft\windows\CurrentVersion\Explorer\AutoComplete |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete |
| HKEY_LOCAL_MACHINE\Software\Microsoft\COM3 |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004_Classes |
| HKEY_LOCAL_MACHINE\Software\Classes |
| \REGISTRY\USER |
| HKEY_LOCAL_MACHINE\Software\Classes\CLSID |
| CLSID\{00BB2765-6A77-11D0-A535-00C04FD7D062} |
| CLSID\{00BB2765-6A77-11D0-A535-00C04FD7D062}\TreatAs |
| \CLSID\{00BB2765-6A77-11D0-A535-00C04FD7D062} |
| \CLSID\{00BB2765-6A77-11D0-A535-00C04FD7D062}\InprocServer32 |
| \CLSID\{00BB2765-6A77-11D0-A535-00C04FD7D062}\InprocServerX86 |
| \CLSID\{00BB2765-6A77-11D0-A535-00C04FD7D062}\LocalServer32 |
| \CLSID\{00BB2765-6A77-11D0-A535-00C04FD7D062}\InprocHandler32 |
| \CLSID\{00BB2765-6A77-11D0-A535-00C04FD7D062}\InprocHandlerX86 |
| \CLSID\{00BB2765-6A77-11D0-A535-00C04FD7D062}\LocalServer |
| HKEY_CLASSES_ROOT\CLSID\{00BB2765-6A77-11D0-A535-00C04FD7D062} |
| HKEY_CLASSES_ROOT\CLSID\{00BB2765-6A77-11D0-A535-00C04FD7D062}\TreatAs |
| CLSID\{03C036F1-A186-11D0-824A-00AA005B4383} |
| CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\TreatAs |
| \CLSID\{03C036F1-A186-11D0-824A-00AA005B4383} |
| \CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 |
| \CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServerX86 |
| \CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\LocalServer32 |
| \CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocHandler32 |
| \CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocHandlerX86 |
| \CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\LocalServer |
| HKEY_CLASSES_ROOT\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383} |
| HKEY_CLASSES_ROOT\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\TreatAs |
| CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062} |
| CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\TreatAs |
| \CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062} |
| \CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 |
| \CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServerX86 |
| \CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\LocalServer32 |
| \CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocHandler32 |
| \CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocHandlerX86 |
| \CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\LocalServer |
| HKEY_CLASSES_ROOT\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062} |
| HKEY_CLASSES_ROOT\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\TreatAs |
| HKEY_CLASSES_ROOT\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InProcServer32 |
| HKEY_CLASSES_ROOT\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InProcServer32 |
| HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Explorer\Advanced |
| HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Explorer\Advanced |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\FontSubstitutes |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\UnlockerDriver5 |
| CLSID\{00021401-0000-0000-C000-000000000046} |
| CLSID\{00021401-0000-0000-C000-000000000046}\TreatAs |
| \CLSID\{00021401-0000-0000-C000-000000000046} |
| \CLSID\{00021401-0000-0000-C000-000000000046}\InprocServer32 |
| \CLSID\{00021401-0000-0000-C000-000000000046}\InprocServerX86 |
| \CLSID\{00021401-0000-0000-C000-000000000046}\LocalServer32 |
| \CLSID\{00021401-0000-0000-C000-000000000046}\InprocHandler32 |
| \CLSID\{00021401-0000-0000-C000-000000000046}\InprocHandlerX86 |
| \CLSID\{00021401-0000-0000-C000-000000000046}\LocalServer |
| HKEY_CLASSES_ROOT\CLSID\{00021401-0000-0000-C000-000000000046} |
| HKEY_CLASSES_ROOT\CLSID\{00021401-0000-0000-C000-000000000046}\TreatAs |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TXT |
| HKEY_CLASSES_ROOT\.TXT |
| HKEY_CLASSES_ROOT\txtfile |
| HKEY_CLASSES_ROOT\txtfile\CurVer |
| HKEY_CLASSES_ROOT\txtfile\ |
| HKEY_CLASSES_ROOT\txtfile\\ShellEx\IconHandler |
| HKEY_CLASSES_ROOT\SystemFileAssociations\.TXT |
| HKEY_CLASSES_ROOT\SystemFileAssociations\text |
| HKEY_CLASSES_ROOT\SystemFileAssociations\text\ShellEx\IconHandler |
| HKEY_CLASSES_ROOT\txtfile\\Clsid |
| HKEY_CLASSES_ROOT\SystemFileAssociations\text\Clsid |
| HKEY_CLASSES_ROOT\* |
| HKEY_CLASSES_ROOT\*\Clsid |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ProductOptions |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\DefaultSecurity |
| HKEY_CLASSES_ROOT\CLSID\{59031A47-3F72-44A7-89C5-5595FE6B30EE}\InProcServer32 |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ComputerName\{475c7952-e3d2-11e0-8d7a-806d6172696f}\ |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe |
| HKEY_CLASSES_ROOT\.exe |
| HKEY_CLASSES_ROOT\exefile |
| HKEY_CLASSES_ROOT\exefile\CurVer |
| HKEY_CLASSES_ROOT\exefile\ |
| HKEY_CLASSES_ROOT\exefile\\ShellEx\IconHandler |
| HKEY_CLASSES_ROOT\SystemFileAssociations\.exe |
| HKEY_CLASSES_ROOT\SystemFileAssociations\application |
| HKEY_CLASSES_ROOT\exefile\\Clsid |
| HKEY_CLASSES_ROOT\CLSID\{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} |
| HKEY_CLASSES_ROOT\CLSID\{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}\InProcServer32 |
| HKEY_CLASSES_ROOT\AllFileSystemObjects\shellex\ContextMenuHandlers\UnlockerShellExtension |
| HKEY_CLASSES_ROOT\folder\shellex\ContextMenuHandlers\UnlockerShellExtension |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url |
| HKEY_CLASSES_ROOT\.url |
| HKEY_CLASSES_ROOT\InternetShortcut |
| HKEY_CLASSES_ROOT\InternetShortcut\CurVer |
| HKEY_CLASSES_ROOT\InternetShortcut\ |
| HKEY_CLASSES_ROOT\InternetShortcut\\ShellEx\IconHandler |
| HKEY_CLASSES_ROOT\SystemFileAssociations\.url |
| HKEY_CLASSES_ROOT\InternetShortcut\\Clsid |
| HKEY_CLASSES_ROOT\CLSID\{FBF23B40-E3F0-101B-8488-00AA003E56F8}\Implemented Categories\{00021490-0000-0000-C000-000000000046} |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Unlocker |
Comments
User comments about d72f1d50c36919429c218e1dc2762277.
User comments about d72f1d50c36919429c218e1dc2762277.
