File: 6315657fd523118f51e294e35158f6bd89d032b26fe7749a4de985edc81e5f86
Metadata
| c.bat | |
| ASCII text, with CRLF line terminators | 3019 bytes |
| 2017-09-04 09:34:07 | |
| 830b8dc142f16aa928ada0e271a58572 | |
| 53267b43122ed52aba6ec9faa50397f311a295e8 | |
| 6315657fd523118f51e294e35158f6bd89d032b26fe7749a4de985edc81e5f86 | |
| 69f1f4732b1fd2f1505d344b5369add02b6c3695755947ee56529cbc8b663d2c8786f580109129197103f8eeeebd4b2c1bc1b73ee2452e8ac0384a3dcf788f42 | |
| 48:cU3M5lM2CqebaWaoa9ayapFYLLq4T/PJaQ6p2kpeQpjpGM:4fWZ76lDq2/RNK | |
| N/A | |
| N/A | |
APTNotes
Cyber threat intelligence reports associated with 6315657fd523118f51e294e35158f6bd89d032b26fe7749a4de985edc81e5f86.
Cyber threat intelligence reports associated with 6315657fd523118f51e294e35158f6bd89d032b26fe7749a4de985edc81e5f86.
Domains
Domains the malware sample communicates with.
Domains the malware sample communicates with.
Hosts
Hosts the malware sample communicates with.
Hosts the malware sample communicates with.
HTTP Requests
HTTP requests the malware sample makes.
HTTP requests the malware sample makes.
AV Detections
AV detection names associated with the malware sample.
AV detection names associated with the malware sample.
| ALYac | Trojan.BAT.Downloader.DN |
| Ad-Aware | Trojan.BAT.Downloader.DN |
| AegisLab | Troj.Bat.Gen!c |
| AhnLab-V3 | BAT/Conminer |
| Arcabit | Trojan.BAT.Downloader.DN |
| BitDefender | Trojan.BAT.Downloader.DN |
| CAT-QuickHeal | Trojan.BAT.3002 |
| Cyren | Trojan.FBPK-1 |
| ESET-NOD32 | BAT/CoinMiner.RU |
| Emsisoft | Trojan.BAT.Downloader.DN (B) |
| F-Secure | Trojan.BAT.Downloader.DN |
| GData | Trojan.BAT.Downloader.DN |
| Ikarus | Trojan.BAT.Downloader |
| Kaspersky | Trojan.BAT.Agent.asx |
| MAX | malware (ai score=99) |
| McAfee | BAT/Download.a |
| McAfee-GW-Edition | BAT/Download.a |
| MicroWorld-eScan | Trojan.BAT.Downloader.DN |
| Microsoft | Trojan:Win32/CoinMiner |
| Symantec | Trojan Horse |
| Tencent | Win32.Trojan-downloader.Vbs.Nusm |
| TrendMicro | TROJ_CONMINER.CFG |
| ViRobot | BAT.S.Downloader.3019 |
| ZoneAlarm | Trojan.BAT.Agent.asx |
Mutants
Mutants created by the malware sample.
Mutants created by the malware sample.
Registry keys
Registry keys created by the malware sample.
Registry keys created by the malware sample.
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor |
| HKEY_CURRENT_USER\Software\Microsoft\Command Processor |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Locale |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Locale\Alternate Sorts |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Language Groups |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\LevelObjects |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers |
| {dda3f824-d8cb-441b-834d-be2efd2c1a33} |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\UrlZones |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\4096\Paths |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\4096\Hashes |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\4096\UrlZones |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\65536\Paths |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\65536\Hashes |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\65536\UrlZones |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\131072\Paths |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\131072\Hashes |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\131072\UrlZones |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\262144\Paths |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\262144\Hashes |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\262144\UrlZones |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\UrlZones |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\4096\Paths |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\4096\Hashes |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\4096\UrlZones |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\65536\Paths |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\65536\Hashes |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\65536\UrlZones |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\131072\Paths |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\131072\Hashes |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\131072\UrlZones |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\262144\Paths |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\262144\Hashes |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\262144\UrlZones |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SafeBoot\Option |
| HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters |
| HKEY_LOCAL_MACHINE\System\WPA\Starter |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ComputerName |
| ActiveComputerName |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NetSh |
| \REGISTRY\MACHINE |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion |
| HKEY_LOCAL_MACHINE\Software\Microsoft\COM3 |
| HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004_Classes |
| HKEY_LOCAL_MACHINE\Software\Classes |
| \REGISTRY\USER |
| HKEY_LOCAL_MACHINE\Software\Classes\CLSID |
| CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24} |
| CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\TreatAs |
| \CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24} |
| \CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocServer32 |
| \CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocServerX86 |
| \CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\LocalServer32 |
| \CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocHandler32 |
| \CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocHandlerX86 |
| \CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\LocalServer |
| HKEY_CLASSES_ROOT\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24} |
| HKEY_CLASSES_ROOT\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\TreatAs |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\FWCFG |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\Microsoft\NAP\Netsh |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\Microsoft\NAP\Netsh\Napmontr |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Gemplus GemSAFE Card CSP v1.0 |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Infineon SICRYPT Base Smart Card CSP |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Base Cryptographic Provider v1.0 |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Base DSS and Diffie-Hellman Cryptographic Provider |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Base DSS Cryptographic Provider |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft DH SChannel Cryptographic Provider |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Enhanced Cryptographic Provider v1.0 |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype) |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Exchange Cryptographic Provider v1.0 |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft RSA SChannel Cryptographic Provider |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Schlumberger Cryptographic Service Provider |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\OID |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\OID\EncodingType 0 |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\OID\EncodingType 0\CryptDllFindOIDInfo |
| CLSID\{EA4A0A43-1C8F-4C7B-A4B1-28ECBD96BA8C} |
| CLSID\{EA4A0A43-1C8F-4C7B-A4B1-28ECBD96BA8C}\TreatAs |
| \CLSID\{EA4A0A43-1C8F-4C7B-A4B1-28ECBD96BA8C} |
| \CLSID\{EA4A0A43-1C8F-4C7B-A4B1-28ECBD96BA8C}\InprocServer32 |
| \CLSID\{EA4A0A43-1C8F-4C7B-A4B1-28ECBD96BA8C}\InprocServerX86 |
| \CLSID\{EA4A0A43-1C8F-4C7B-A4B1-28ECBD96BA8C}\LocalServer32 |
| \CLSID\{EA4A0A43-1C8F-4C7B-A4B1-28ECBD96BA8C}\InprocHandler32 |
| \CLSID\{EA4A0A43-1C8F-4C7B-A4B1-28ECBD96BA8C}\InprocHandlerX86 |
| \CLSID\{EA4A0A43-1C8F-4C7B-A4B1-28ECBD96BA8C}\LocalServer |
| HKEY_CLASSES_ROOT\CLSID\{EA4A0A43-1C8F-4C7B-A4B1-28ECBD96BA8C} |
| HKEY_CLASSES_ROOT\CLSID\{EA4A0A43-1C8F-4C7B-A4B1-28ECBD96BA8C}\TreatAs |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\LocalConfig |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\LocalConfig\ |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\LocalConfig\\Enroll\HcsGroups |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\LocalConfig\\Enroll\HcsGroups\ |
| CLSID\{EB082BA1-DF8A-46BE-82F3-35BF9E9BE52F} |
| CLSID\{EB082BA1-DF8A-46BE-82F3-35BF9E9BE52F}\TreatAs |
| \CLSID\{EB082BA1-DF8A-46BE-82F3-35BF9E9BE52F} |
| \CLSID\{EB082BA1-DF8A-46BE-82F3-35BF9E9BE52F}\InprocServer32 |
| \CLSID\{EB082BA1-DF8A-46BE-82F3-35BF9E9BE52F}\InprocServerX86 |
| \CLSID\{EB082BA1-DF8A-46BE-82F3-35BF9E9BE52F}\LocalServer32 |
| \CLSID\{EB082BA1-DF8A-46BE-82F3-35BF9E9BE52F}\InprocHandler32 |
| \CLSID\{EB082BA1-DF8A-46BE-82F3-35BF9E9BE52F}\InprocHandlerX86 |
| \CLSID\{EB082BA1-DF8A-46BE-82F3-35BF9E9BE52F}\LocalServer |
| HKEY_CLASSES_ROOT\CLSID\{EB082BA1-DF8A-46BE-82F3-35BF9E9BE52F} |
| HKEY_CLASSES_ROOT\CLSID\{EB082BA1-DF8A-46BE-82F3-35BF9E9BE52F}\TreatAs |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\Shas |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\Qecs |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\Qecs\79617 |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\Qecs\79618 |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\Qecs\79619 |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\Qecs\79620 |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\Qecs\79621 |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\Qecs\79623 |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\LocalConfig\\Qecs\79617 |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\LocalConfig\\Qecs\79618 |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\LocalConfig\\Qecs\79619 |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\LocalConfig\\Qecs\79620 |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\LocalConfig\\Qecs\79621 |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\LocalConfig\\Qecs\79623 |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\LocalConfig\\UI |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Ole |
| HKEY_CLASSES_ROOT\AppID\netsh.exe |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE |
| HKEY_LOCAL_MACHINE\Software\Microsoft\HCS |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\System\DNSclient |
| CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820} |
| CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\TreatAs |
| \CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820} |
| \CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InprocServer32 |
| \CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InprocServerX86 |
| \CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LocalServer32 |
| \CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InprocHandler32 |
| \CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InprocHandlerX86 |
| \CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LocalServer |
| \AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820} |
| HKEY_CLASSES_ROOT\Interface\{F309AD18-D86A-11D0-A075-00C04FB68820} |
| HKEY_CLASSES_ROOT\Interface\{F309AD18-D86A-11D0-A075-00C04FB68820}\ProxyStubClsid32 |
| CLSID\{7C857801-7381-11CF-884D-00AA004B2E24} |
| CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\TreatAs |
| \CLSID\{7C857801-7381-11CF-884D-00AA004B2E24} |
| \CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\InprocServer32 |
| \CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\InprocServerX86 |
| \CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\LocalServer32 |
| \CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\InprocHandler32 |
| \CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\InprocHandlerX86 |
| \CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\LocalServer |
| HKEY_CLASSES_ROOT\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24} |
| HKEY_CLASSES_ROOT\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\TreatAs |
| HKEY_CLASSES_ROOT\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887} |
| HKEY_CLASSES_ROOT\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}\ProxyStubClsid32 |
| HKEY_CLASSES_ROOT\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7} |
| HKEY_CLASSES_ROOT\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}\ProxyStubClsid32 |
| CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA} |
| CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\TreatAs |
| \CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA} |
| \CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32 |
| \CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServerX86 |
| \CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\LocalServer32 |
| \CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocHandler32 |
| \CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocHandlerX86 |
| \CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\LocalServer |
| HKEY_CLASSES_ROOT\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA} |
| HKEY_CLASSES_ROOT\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\TreatAs |
| HKEY_CLASSES_ROOT\Interface\{027947E1-D731-11CE-A357-000000000001} |
| HKEY_CLASSES_ROOT\Interface\{027947E1-D731-11CE-A357-000000000001}\ProxyStubClsid32 |
| CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD} |
| CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\TreatAs |
| \CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD} |
| \CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32 |
| \CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServerX86 |
| \CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\LocalServer32 |
| \CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocHandler32 |
| \CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocHandlerX86 |
| \CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\LocalServer |
| HKEY_CLASSES_ROOT\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD} |
| HKEY_CLASSES_ROOT\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\TreatAs |
| HKEY_CLASSES_ROOT\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD} |
| HKEY_CLASSES_ROOT\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}\ProxyStubClsid32 |
| HKEY_CLASSES_ROOT\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD} |
| HKEY_CLASSES_ROOT\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}\ProxyStubClsid32 |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\Qecs\ |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\Shas\Qecs\79617 |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\Shas\Qecs\79618 |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\Shas\Qecs\79619 |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\Shas\Qecs\79620 |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\Shas\Qecs\79621 |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\Shas\Qecs\79623 |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\Shas\UI |
| HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NapAgent\Shas\Enroll\HcsGroups |
| HKEY_LOCAL_MACHINE\SOFTWARE\\Microsoft\\Wbem\\WMIC |
| HKEY_CURRENT_USER\SOFTWARE\\Microsoft\\Wbem\\WMIC |
| CLSID\{6DAF9757-2E37-11D2-AEC9-00C04FB68820} |
| CLSID\{6DAF9757-2E37-11D2-AEC9-00C04FB68820}\TreatAs |
| \CLSID\{6DAF9757-2E37-11D2-AEC9-00C04FB68820} |
| \CLSID\{6DAF9757-2E37-11D2-AEC9-00C04FB68820}\InprocServer32 |
| \CLSID\{6DAF9757-2E37-11D2-AEC9-00C04FB68820}\InprocServerX86 |
| \CLSID\{6DAF9757-2E37-11D2-AEC9-00C04FB68820}\LocalServer32 |
| \CLSID\{6DAF9757-2E37-11D2-AEC9-00C04FB68820}\InprocHandler32 |
| \CLSID\{6DAF9757-2E37-11D2-AEC9-00C04FB68820}\InprocHandlerX86 |
| \CLSID\{6DAF9757-2E37-11D2-AEC9-00C04FB68820}\LocalServer |
| HKEY_CLASSES_ROOT\CLSID\{6DAF9757-2E37-11D2-AEC9-00C04FB68820} |
| HKEY_CLASSES_ROOT\CLSID\{6DAF9757-2E37-11D2-AEC9-00C04FB68820}\TreatAs |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\CIMOM |
| CLSID\{F6D90F12-9C73-11D3-B32E-00C04F990BB4} |
| CLSID\{F6D90F12-9C73-11D3-B32E-00C04F990BB4}\TreatAs |
| \CLSID\{F6D90F12-9C73-11D3-B32E-00C04F990BB4} |
| \CLSID\{F6D90F12-9C73-11D3-B32E-00C04F990BB4}\InprocServer32 |
| \CLSID\{F6D90F12-9C73-11D3-B32E-00C04F990BB4}\InprocServerX86 |
| \CLSID\{F6D90F12-9C73-11D3-B32E-00C04F990BB4}\LocalServer32 |
| \CLSID\{F6D90F12-9C73-11D3-B32E-00C04F990BB4}\InprocHandler32 |
| \CLSID\{F6D90F12-9C73-11D3-B32E-00C04F990BB4}\InprocHandlerX86 |
| \CLSID\{F6D90F12-9C73-11D3-B32E-00C04F990BB4}\LocalServer |
| HKEY_CLASSES_ROOT\CLSID\{F6D90F12-9C73-11D3-B32E-00C04F990BB4} |
| HKEY_CLASSES_ROOT\CLSID\{F6D90F12-9C73-11D3-B32E-00C04F990BB4}\TreatAs |
| HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\ |
| HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\file\ |
| HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\*\ |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings |
| HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl |
| HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl |
| HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl |
| HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FILEPROTOCOL_NOFINDFIRST_KB947853 |
| HKEY_CLASSES_ROOT\.xml |
| HKEY_CURRENT_USER\SOFTWARE\Classes\PROTOCOLS\Filter\text/xml |
| HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\text/xml |
| CLSID\{807563E5-5146-11D5-A672-00B0D022E945} |
| CLSID\{807563E5-5146-11D5-A672-00B0D022E945}\TreatAs |
| \CLSID\{807563E5-5146-11D5-A672-00B0D022E945} |
| \CLSID\{807563E5-5146-11D5-A672-00B0D022E945}\InprocServer32 |
| \CLSID\{807563E5-5146-11D5-A672-00B0D022E945}\InprocServerX86 |
| \CLSID\{807563E5-5146-11D5-A672-00B0D022E945}\LocalServer32 |
| \CLSID\{807563E5-5146-11D5-A672-00B0D022E945}\InprocHandler32 |
| \CLSID\{807563E5-5146-11D5-A672-00B0D022E945}\InprocHandlerX86 |
| \CLSID\{807563E5-5146-11D5-A672-00B0D022E945}\LocalServer |
| HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3 |
| HKEY_CLASSES_ROOT\CLSID\{807563E5-5146-11D5-A672-00B0D022E945} |
| HKEY_CLASSES_ROOT\CLSID\{807563E5-5146-11D5-A672-00B0D022E945}\TreatAs |
| HKEY_CLASSES_ROOT\Interface\{79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} |
| HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings |
| CLSID\{4590F812-1D3A-11D0-891F-00AA004B2E24} |
| CLSID\{4590F812-1D3A-11D0-891F-00AA004B2E24}\TreatAs |
| \CLSID\{4590F812-1D3A-11D0-891F-00AA004B2E24} |
| \CLSID\{4590F812-1D3A-11D0-891F-00AA004B2E24}\InprocServer32 |
| \CLSID\{4590F812-1D3A-11D0-891F-00AA004B2E24}\InprocServerX86 |
| \CLSID\{4590F812-1D3A-11D0-891F-00AA004B2E24}\LocalServer32 |
| \CLSID\{4590F812-1D3A-11D0-891F-00AA004B2E24}\InprocHandler32 |
| \CLSID\{4590F812-1D3A-11D0-891F-00AA004B2E24}\InprocHandlerX86 |
| \CLSID\{4590F812-1D3A-11D0-891F-00AA004B2E24}\LocalServer |
| HKEY_CLASSES_ROOT\CLSID\{4590F812-1D3A-11D0-891F-00AA004B2E24} |
| HKEY_CLASSES_ROOT\CLSID\{4590F812-1D3A-11D0-891F-00AA004B2E24}\TreatAs |
| HKEY_LOCAL_MACHINE\Software\Microsoft\WBEM\CIMOM |
| CLSID\{EB87E1BD-3233-11D2-AEC9-00C04FB68820} |
| CLSID\{EB87E1BD-3233-11D2-AEC9-00C04FB68820}\TreatAs |
| \CLSID\{EB87E1BD-3233-11D2-AEC9-00C04FB68820} |
| \CLSID\{EB87E1BD-3233-11D2-AEC9-00C04FB68820}\InprocServer32 |
| \CLSID\{EB87E1BD-3233-11D2-AEC9-00C04FB68820}\InprocServerX86 |
| \CLSID\{EB87E1BD-3233-11D2-AEC9-00C04FB68820}\LocalServer32 |
| \CLSID\{EB87E1BD-3233-11D2-AEC9-00C04FB68820}\InprocHandler32 |
| \CLSID\{EB87E1BD-3233-11D2-AEC9-00C04FB68820}\InprocHandlerX86 |
| \CLSID\{EB87E1BD-3233-11D2-AEC9-00C04FB68820}\LocalServer |
| HKEY_CLASSES_ROOT\CLSID\{EB87E1BD-3233-11D2-AEC9-00C04FB68820} |
| HKEY_CLASSES_ROOT\CLSID\{EB87E1BD-3233-11D2-AEC9-00C04FB68820}\TreatAs |
Comments
User comments about 6315657fd523118f51e294e35158f6bd89d032b26fe7749a4de985edc81e5f86.
User comments about 6315657fd523118f51e294e35158f6bd89d032b26fe7749a4de985edc81e5f86.
