not-a-virus:AdWare.Win32.TopMoxie.e (Kaspersky), Application.Limewire.A (AdAware), Trojan.Win32.Alureon.FD, mzpefinder_pcap_file.YR (Lavasoft MAS)Behaviour: Trojan, Adware
The description has been automatically generated by Lavasoft Malware Analysis System and it may contain incomplete or inaccurate information.
Summary
MD5: b79e1e468d6781682cf7de038d46c542
SHA1: 215859d80dc621e7059cbd161ab8b24b468cb195
SHA256: e41b11e7b894da36784e1415e678174b2befc6fc5f52e0e8af7bd75704c66f82
SSDeep: 98304:ZS5bVIj1pq62qEAudIOG4XmwxaHewTvdJ9IlS:s5bas1qEDyOzJwj77
Size: 4074901 bytes
File type: EXE
Platform: WIN32
Entropy: Packed
PEID: UPolyXv05_v6, MicrosoftVisualC, MicrosoftVisualCv50v60MFC, MicrosoftVisualC50, Armadillov171
Company: no certificate found
Created at: 2002-06-24 21:22:31
Analyzed on: WindowsXP SP3 32-bit
Summary: Trojan. A program that appears to do one thing but actually does another (a.k.a. Trojan Horse).
Dynamic Analysis
Payload
No specific payload has been found.
Process activity
The Application creates the following process(es):
MsiExec.exe:740
MsiExec.exe:1880
%original file name%.exe:188
IDriver.exe:412
The Application injects its code into the following process(es):
IDriver.exe:1928
Mutexes
The following mutexes were created/opened:
ZonesLockedCacheCounterMutexZonesCacheCounterMutexZonesCounterMutexRasPbFilec:!documents and settings!adm!local settings!temporary internet files!content.ie5!_!MSFTHISTORY!_c:!documents and settings!adm!cookies!WininetStartupMutexc:!documents and settings!adm!local settings!history!history.ie5!WininetProxyRegistryMutexWininetConnectionMutexShimCacheMutex
File activity
The process MsiExec.exe:740 makes changes in the file system.
The Application creates and/or writes to the following file(s):
%Documents and Settings%\%current user%\Local Settings\Temp\{9967E93B-6F5E-4744-80D6-BEB0229F42C4}\ls_license.txt (19620 bytes)
The process %original file name%.exe:188 makes changes in the file system.
The Application creates and/or writes to the following file(s):
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\HMNHLGIO\desktop.ini (67 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\~1.tmp (29 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\_is2\Setup.INI (29 bytes)
%Documents and Settings%\%current user%\Local Settings\History\History.IE5\desktop.ini (159 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\HJHQ6B1O\desktop.ini (67 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\_is2\isscript.msi (81132 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\_is2\0x0409.ini (345 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\_is2\ISScript.isc (77 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\CT48K6BI\desktop.ini (67 bytes)
%Documents and Settings%\%current user%\Cookies\index.dat (400 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini (67 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@www.installengine[1].txt (306 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\_is2\_ISMSIDEL.INI (553 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\_is2\LimeWire.msi (1858338 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\LTQCY2RD\isscript[1].msi (697332 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\LTQCY2RD\desktop.ini (67 bytes)
The Application deletes the following file(s):
%Documents and Settings%\%current user%\Local Settings\Temp\_is2.tmp (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\~1.tmp (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\_MSI5166._IS (0 bytes)
The process IDriver.exe:1928 makes changes in the file system.
The Application creates and/or writes to the following file(s):
%Documents and Settings%\%current user%\Local Settings\Temp\{9967E93B-6F5E-4744-80D6-BEB0229F42C4}\ISRT.DLL (2105 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\{9967E93B-6F5E-4744-80D6-BEB0229F42C4}\setup.inx (382480 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\{9967E93B-6F5E-4744-80D6-BEB0229F42C4}\IsConfig.INI (39 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\MSI8.tmp (48184 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\{9967E93B-6F5E-4744-80D6-BEB0229F42C4}\_ISUSER.DLL (24240 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\MSIA.tmp (48184 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\MSI7.tmp (100800 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\MSI9.tmp (61144 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\{9967E93B-6F5E-4744-80D6-BEB0229F42C4}\_ISRES.DLL (1425 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\{9967E93B-6F5E-4744-80D6-BEB0229F42C4}\String1033.txt (223380 bytes)
The Application deletes the following file(s):
%Documents and Settings%\%current user%\My Documents\My Pictures (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\MSI8.tmp (0 bytes)
C:\MSI74d62.tmp (0 bytes)
%Documents and Settings%\All Users\Start Menu\Programs\Administrative Tools (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\MSIA.tmp (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\MSI7.tmp (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\MSI9.tmp (0 bytes)
Registry activity
The process MsiExec.exe:740 makes changes in the system registry.
The Application creates and/or sets the following values in system registry:
[HKLM\SOFTWARE\Microsoft\Cryptography\RNG]
"Seed" = "45 2A 2E 4C 18 6A 25 BB DB 14 20 EC F1 04 C0 67"
The process MsiExec.exe:1880 makes changes in the system registry.
The Application creates and/or sets the following values in system registry:
[HKCR\Interface\{777C89E3-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C8A09-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C8A0A-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupProgress"
[HKCR\Interface\{777C8A07-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\CLSID\{777C8A16-5C36-11D5-ABAF-00B0D02332EB}\InprocServer32]
"ThreadingModel" = "Apartment"
[HKCR\Interface\{777C8A0D-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupMainWindow2"
[HKCR\Interface\{777C8A08-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupWindowImage"
[HKCR\Interface\{777C8A06-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89E2-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C8A0F-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupMainWindow4"
[HKCR\Interface\{777C8A13-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C8A12-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89E8-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\CLSID\{777C89DF-5C36-11D5-ABAF-00B0D02332EB}\InprocServer32]
"(Default)" = "%Program Files%\Common Files\InstallShield\Driver\7\Intel 32\IScript7.dll"
[HKCR\Interface\{777C8A0D-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C8A14-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C89EA-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C8A14-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C8A12-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupWindowBillBoards"
[HKCR\TypeLib\{777C89DE-5C36-11D5-ABAF-00B0D02332EB}\1.0\HELPDIR]
"(Default)" = "%Program Files%\Common Files\InstallShield\Driver\7\Intel 32\"
[HKCR\Interface\{777C8A0B-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C8A0A-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C8A14-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C8A0E-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupMainWindow3"
[HKCR\CLSID\{777C8A16-5C36-11D5-ABAF-00B0D02332EB}\InprocServer32]
"(Default)" = "%Program Files%\Common Files\InstallShield\Driver\7\Intel 32\IUser7.dll"
[HKCR\Interface\{777C8A06-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupGUIObject"
[HKCR\Interface\{777C8A0F-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\IPW.User\CLSID]
"(Default)" = "{777C8A16-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C89F1-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{777C8A05-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C8A13-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C8A14-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C8A0A-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C8A0D-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C8A06-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C8A06-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C8A13-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89F7-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C8A14-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C8A0F-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89F1-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupObjectClass"
[HKCR\Interface\{777C8A09-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\CLSID\{777C89DF-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "InstallShield Script Engine"
[HKCR\Interface\{777C8A13-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupRebootable"
[HKCR\Interface\{777C89ED-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C8A14-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C8A08-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C8A14-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C89E2-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\CLSID\{777C8A16-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "InstallShield setup user interafce"
[HKCR\Interface\{777C89E2-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C8A06-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C8A14-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\IPW.User.1\CLSID]
"(Default)" = "{777C8A16-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\IPW.ScriptEngine]
"(Default)" = "InstallShield Script Engine"
[HKCR\CLSID\{777C8A16-5C36-11D5-ABAF-00B0D02332EB}\VersionIndependentProgID]
"(Default)" = "IPW.User"
[HKCR\IPW.User]
"(Default)" = "InstallShield setup user interafce"
[HKCR\CLSID\{777C8A05-5C36-11D5-ABAF-00B0D02332EB}\InProcServer32]
"(Default)" = "%Program Files%\Common Files\InstallShield\Driver\7\Intel 32\Objps7.dll"
[HKCR\Interface\{777C8A11-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C8A07-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C8A08-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\IPW.User.1]
"(Default)" = "InstallShield setup user interafce"
[HKCR\CLSID\{777C89DF-5C36-11D5-ABAF-00B0D02332EB}\ProgID]
"(Default)" = "IPW.ScriptEngine.1"
[HKCR\Interface\{777C8A09-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupWindowText"
[HKCR\Interface\{777C8A09-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C8A07-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89F8-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C8A14-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C8A11-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\IPW.ScriptEngine.1]
"(Default)" = "InstallShield Script Engine"
[HKCR\Interface\{777C8A0B-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C8A14-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C8A0A-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89EC-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C8A14-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\TypeLib\{777C89DE-5C36-11D5-ABAF-00B0D02332EB}\1.0]
"(Default)" = "InstallShield Script 1.0 Type Library"
[HKCR\Interface\{777C89E1-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C89DE-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C8A10-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupSDMessage"
[HKCR\Interface\{777C89F9-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C8A14-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C89EF-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C8A14-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\TypeLib\{777C89DE-5C36-11D5-ABAF-00B0D02332EB}\1.0\FLAGS]
"(Default)" = "0"
[HKCR\TypeLib\{777C8A14-5C36-11D5-ABAF-00B0D02332EB}\1.0\FLAGS]
"(Default)" = "0"
[HKCR\Interface\{777C89EE-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C8A14-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C8A08-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89F1-5C36-11D5-ABAF-00B0D02332EB}\NumMethods]
"(Default)" = "5"
[HKCR\CLSID\{777C8A05-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "PSFactoryBuffer"
[HKCR\Interface\{777C89E1-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89E3-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C89DE-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C8A12-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C8A14-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\CLSID\{777C8A16-5C36-11D5-ABAF-00B0D02332EB}\ProgID]
"(Default)" = "IPW.User.1"
[HKCR\Interface\{777C8A10-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C8A10-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C8A0D-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\IPW.ScriptEngine.1\CLSID]
"(Default)" = "{777C89DF-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C89E2-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupScriptEngine2"
[HKCR\CLSID\{777C8A05-5C36-11D5-ABAF-00B0D02332EB}\InProcServer32]
"ThreadingModel" = "Both"
[HKCR\Interface\{777C89FB-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C8A14-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C8A0C-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C8A08-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C8A0C-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\IPW.ScriptEngine\CLSID]
"(Default)" = "{777C89DF-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\TypeLib\{777C89DE-5C36-11D5-ABAF-00B0D02332EB}\1.0\0\win32]
"(Default)" = "%Program Files%\Common Files\InstallShield\Driver\7\Intel 32\IScript7.dll"
[HKCR\Interface\{777C8A05-5C36-11D5-ABAF-00B0D02332EB}\NumMethods]
"(Default)" = "6"
[HKCR\Interface\{777C8A0B-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupProgress2"
[HKCR\Interface\{777C8A0C-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C8A14-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C8A09-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C8A14-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C8A0E-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C8A14-5C36-11D5-ABAF-00B0D02332EB}"
"Version" = "1.0"
[HKCR\Interface\{777C89E3-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C8A07-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupUserInterface"
[HKCR\Interface\{777C8A11-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C8A0C-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupMainWindow"
[HKCR\CLSID\{777C89DF-5C36-11D5-ABAF-00B0D02332EB}\VersionIndependentProgID]
"(Default)" = "IPW.ScriptEngine"
[HKCR\TypeLib\{777C8A14-5C36-11D5-ABAF-00B0D02332EB}\1.0\0\win32]
"(Default)" = "%Program Files%\Common Files\InstallShield\Driver\7\Intel 32\IUser7.dll"
[HKCR\Interface\{777C89E1-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupScriptEngine"
[HKCR\Interface\{777C8A0F-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C8A14-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C89E3-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C8A12-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C8A0E-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89E8-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C8A11-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C8A14-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C8A10-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C8A14-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C8A13-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89F0-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C8A14-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C89E3-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupScriptController"
[HKCR\Interface\{777C89E8-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C89DE-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C89E8-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupScriptError"
[HKCR\Interface\{777C8A05-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupServiceProvider"
[HKCR\Interface\{777C8A0F-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C8A10-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\CLSID\{777C89DF-5C36-11D5-ABAF-00B0D02332EB}\InprocServer32]
"ThreadingModel" = "Apartment"
[HKCR\Interface\{777C8A11-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupMultiMedia"
[HKLM\SOFTWARE\Microsoft\Cryptography\RNG]
"Seed" = "03 88 1F 59 68 97 47 58 C7 23 76 68 5B 89 27 2D"
[HKCR\Interface\{777C8A12-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89E2-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C89DE-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C89E8-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C8A01-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C8A14-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C89E1-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C8A07-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{777C8A14-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C8A0A-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C8A0C-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\TypeLib\{777C8A14-5C36-11D5-ABAF-00B0D02332EB}\1.0\HELPDIR]
"(Default)" = "%Program Files%\Common Files\InstallShield\Driver\7\Intel 32\"
[HKCR\Interface\{777C8A05-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{777C8A05-5C36-11D5-ABAF-00B0D02332EB}"
[HKCR\Interface\{777C8A0D-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\TypeLib\{777C8A14-5C36-11D5-ABAF-00B0D02332EB}\1.0]
"(Default)" = "Setup UI 1.0 Type Library"
[HKCR\Interface\{777C89E1-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C8A0E-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C8A0B-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C8A0B-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
The process %original file name%.exe:188 makes changes in the system registry.
The Application creates and/or sets the following values in system registry:
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths]
"Directory" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path4]
"CacheLimit" = "65452"
"CachePath" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\Cache4"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path2]
"CacheLimit" = "65452"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"AppData" = "%Documents and Settings%\%current user%\Application Data"
"Cookies" = "%Documents and Settings%\%current user%\Cookies"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path2]
"CachePath" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\Cache2"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common AppData" = "%Documents and Settings%\All Users\Application Data"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Cache" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files"
[HKLM\System\CurrentControlSet\Hardware Profiles\0001\Software\Microsoft\windows\CurrentVersion\Internet Settings]
"ProxyEnable" = "0"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path1]
"CacheLimit" = "65452"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections]
"SavedLegacySettings" = "3C 00 00 00 1B 00 00 00 01 00 00 00 00 00 00 00"
[HKLM\SOFTWARE\Microsoft\Cryptography\RNG]
"Seed" = "9F 56 AD 1F 32 60 6D 8D 2E 27 3C 8F AE 48 84 99"
[HKLM\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\2D69A20EC4F0CD19037FD6D6246B1EE0EC41BA22]
"Blob" = "04 00 00 00 01 00 00 00 10 00 00 00 BD C0 6E DA"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path1]
"CachePath" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\Cache1"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path3]
"CacheLimit" = "65452"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"MigrateProxy" = "1"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"History" = "%Documents and Settings%\%current user%\Local Settings\History"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path3]
"CachePath" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\Cache3"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths]
"Paths" = "4"
The Application modifies IE settings for security zones to map all local web-nodes with no dots which do not refer to any zone to the Intranet Zone:
[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap]
"UNCAsIntranet" = "1"
The Application modifies IE settings for security zones to map all web-nodes that bypassing the proxy to the Intranet Zone:
"ProxyBypass" = "1"
Proxy settings are disabled:
[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = "0"
The Application modifies IE settings for security zones to map all urls to the Intranet Zone:
[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap]
"IntranetName" = "1"
The Application deletes the following value(s) in system registry:
[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"AutoConfigURL"
"ProxyServer"
"ProxyOverride"
[HKLM\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates]
"2D69A20EC4F0CD19037FD6D6246B1EE0EC41BA22"
The process IDriver.exe:1928 makes changes in the system registry.
The Application creates and/or sets the following values in system registry:
[HKLM\SOFTWARE\Microsoft\Cryptography\RNG]
"Seed" = "B2 AB 08 BF 47 EA 19 65 C6 4B 13 CD 93 91 A7 78"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c155cd73-744b-11e2-8294-806d6172696f}]
"BaseClass" = "Drive"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common Programs" = "%Documents and Settings%\All Users\Start Menu\Programs"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c155cd72-744b-11e2-8294-806d6172696f}]
"BaseClass" = "Drive"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b98117e8-75ca-11e2-81b2-000c293708fb}]
"BaseClass" = "Drive"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Fonts" = "%WinDir%\Fonts"
"AppData" = "%Documents and Settings%\%current user%\Application Data"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common Desktop" = "%Documents and Settings%\All Users\Desktop"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c155cd75-744b-11e2-8294-806d6172696f}]
"BaseClass" = "Drive"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common Start Menu" = "%Documents and Settings%\All Users\Start Menu"
"Common Startup" = "%Documents and Settings%\All Users\Start Menu\Programs\Startup"
The process IDriver.exe:412 makes changes in the system registry.
The Application creates and/or sets the following values in system registry:
[HKCR\Interface\{777C89E9-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupLogService"
[HKCR\Interface\{135F108E-AD38-11D5-ABCD-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{D211D430-D52F-11D4-AB86-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{3147B9BC-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\CLSID\{99BDE2B6-D79E-11D4-AB87-00B0D02332EB}\ProgID]
"(Default)" = "ISInstallDriver.StringTable.1"
[HKCR\CLSID\{99BDE2B6-D79E-11D4-AB87-00B0D02332EB}\VersionIndependentProgID]
"(Default)" = "ISInstallDriver.StringTable"
[HKCR\Interface\{3147B9E0-D11F-11D4-AB83-00B0D02332EB}]
"(Default)" = "ISetupComponent"
[HKCR\CLSID\{A52D1D8E-BCCA-11D4-AB7D-00B0D02332EB}\ProgID]
"(Default)" = "ISInstallDriver.InstallDriver.1"
[HKCR\Interface\{4EAEAA3C-FD20-11D4-AB92-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\AppID\IDriver.EXE]
"AppID" = "{E4A51076-BCD3-11D4-AB7D-00B0D02332EB}"
[HKCR\Interface\{3147B9A3-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C89EC-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89F8-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C89EB-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{3147B9C1-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9C1-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{3147B9DC-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{3147B9AE-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C89F7-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9B7-D11F-11D4-AB83-00B0D02332EB}]
"(Default)" = "ISetupRegistry"
[HKCR\Interface\{E4A51081-BCD3-11D4-AB7D-00B0D02332EB}]
"(Default)" = "IISInstallDriver"
[HKCR\Interface\{777C89FF-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9BC-D11F-11D4-AB83-00B0D02332EB}]
"(Default)" = "ISetupRegistry2"
[HKCR\Interface\{3147B9D2-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B984-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89F7-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupBasicFeature"
[HKCR\Interface\{3147B9AE-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{C445860A-9BE8-11D5-ABBF-00B0D02332EB}]
"(Default)" = "IInstallDriverVersion"
[HKCR\Interface\{C0E3CD3A-E8DA-11D4-84B0-00B0D023B209}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{3147B98C-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\AppID\{E4A51076-BCD3-11D4-AB7D-00B0D02332EB}]
"(Default)" = "InstallShield InstallDriver"
[HKCR\Interface\{777C8A02-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C89EA-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{777C8A04-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{D211D430-D52F-11D4-AB86-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{3147B9CD-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9D9-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9BC-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{D72FDDC4-672E-4D49-A8A6-0CDD039B2FAE}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{3147B9D2-D11F-11D4-AB83-00B0D02332EB}]
"(Default)" = "ISetupFileRegistrar"
[HKCR\Interface\{3147B999-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C89F8-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupBasicFeatureStateEvents"
[HKCR\TypeLib\{3147B9F7-D11F-11D4-AB83-00B0D02332EB}\1.0\FLAGS]
"(Default)" = "0"
[HKCR\Interface\{3147B989-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{7B1E910E-9744-11D5-ABBF-00B0D02332EB}]
"(Default)" = "IMsiServer2"
[HKCR\CLSID\{A52D1D8E-BCCA-11D4-AB7D-00B0D02332EB}]
"AppID" = "{E4A51076-BCD3-11D4-AB7D-00B0D02332EB}"
[HKCR\Interface\{E4A51081-BCD3-11D4-AB7D-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89F8-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B997-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{3147B99D-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\CLSID\{99BDE2B6-D79E-11D4-AB87-00B0D02332EB}\LocalServer32]
"(Default)" = "C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe"
[HKCR\Interface\{777C89FE-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89EB-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupLogDB2"
[HKCR\Interface\{3147B9DC-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\TypeLib\{3147B9F7-D11F-11D4-AB83-00B0D02332EB}\1.0\0\win32]
"(Default)" = "%Program Files%\Common Files\InstallShield\Driver\7\Intel 32\IDriver.exe"
[HKCR\Interface\{777C89ED-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{135F108E-AD38-11D5-ABCD-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89FD-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{3147B9CA-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89FC-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{3147B9F0-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{5F13E632-D79E-11D4-AB87-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C8A00-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{82843E72-7263-11D5-ABB6-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B99D-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89FE-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C8A02-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\ISInstallDriver.InstallDriver.1]
"(Default)" = "InstallShield InstallDriver"
[HKCR\Interface\{777C89F7-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{777C89E9-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{3147B98C-D11F-11D4-AB83-00B0D02332EB}]
"(Default)" = "ISetupSharedFiles"
[HKCR\Interface\{777C89FC-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{D211D430-D52F-11D4-AB86-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{82843E72-7263-11D5-ABB6-00B0D02332EB}]
"(Default)" = "ISetupInitializationProgress"
[HKCR\Interface\{5F13E632-D79E-11D4-AB87-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9BC-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{3147B9E6-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C8A00-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupFileErrors"
[HKCR\ISInstallDriver.StringTable.1]
"(Default)" = "InstallShield InstallDriver String Table"
[HKCR\TypeLib\{00020430-0000-0000-C000-000000000046}\1.0\FLAGS]
"(Default)" = "1"
[HKCR\Interface\{3147B9EC-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{3147B9EC-D11F-11D4-AB83-00B0D02332EB}]
"(Default)" = "ISetupStringTable"
[HKCR\Interface\{777C89F0-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C8A01-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupTransferEvents"
[HKCR\Interface\{3147B9AE-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9B2-D11F-11D4-AB83-00B0D02332EB}]
"(Default)" = "ISetupTypes"
[HKCR\Interface\{3147B9D9-D11F-11D4-AB83-00B0D02332EB}]
"(Default)" = "ISetupCABFile"
[HKCR\Interface\{C0E3CD3A-E8DA-11D4-84B0-00B0D023B209}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C8A01-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B992-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{3147B9C6-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{E4A51081-BCD3-11D4-AB7D-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89F3-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{3147B9D2-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{7B1E910E-9744-11D5-ABBF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{C445860A-9BE8-11D5-ABBF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{C0E3CD3A-E8DA-11D4-84B0-00B0D023B209}]
"(Default)" = "IMSIMsgHandler"
[HKCR\Interface\{3147B9A9-D11F-11D4-AB83-00B0D02332EB}]
"(Default)" = "ISetupMedia2"
[HKCR\Interface\{777C89F3-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{5F13E632-D79E-11D4-AB87-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C89F0-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\CLSID\{A52D1D8E-BCCA-11D4-AB7D-00B0D02332EB}\LocalServer32]
"(Default)" = "C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe"
[HKCR\Interface\{3147B9B2-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{777C89E9-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C8A00-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{4EAEAA3C-FD20-11D4-AB92-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{C0E3CD3A-E8DA-11D4-84B0-00B0D023B209}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B99D-D11F-11D4-AB83-00B0D02332EB}]
"(Default)" = "ISetupInfo"
[HKCR\Interface\{777C89F4-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89F6-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89FD-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{D211D430-D52F-11D4-AB86-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{82843E72-7263-11D5-ABB6-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C89FB-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{C445860A-9BE8-11D5-ABBF-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{3147B9A9-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{777C89FC-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{777C89FE-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89FC-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89F9-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{3147B9A3-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{7B1E910E-9744-11D5-ABBF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9BC-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{3147B992-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9B7-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9E6-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{D211D430-D52F-11D4-AB86-00B0D02332EB}]
"(Default)" = "ISetupCABFileMsi"
[HKCR\Interface\{3147B9F0-D11F-11D4-AB83-00B0D02332EB}]
"(Default)" = "ISetupObjectHolder"
[HKCR\Interface\{3147B9EC-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{3147B984-D11F-11D4-AB83-00B0D02332EB}]
"(Default)" = "ISetupReboot"
[HKCR\Interface\{3147B9D9-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{E4A51081-BCD3-11D4-AB7D-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\CLSID\{99BDE2B6-D79E-11D4-AB87-00B0D02332EB}]
"(Default)" = "InstallShield InstallDriver String Table"
[HKCR\Interface\{3147B9CA-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9B7-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C89EC-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKLM\SOFTWARE\Microsoft\Cryptography\RNG]
"Seed" = "CD D7 74 2E F2 3C C9 F8 61 39 83 64 DD 19 3F 60"
[HKCR\Interface\{777C89F0-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89EF-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C8A01-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B997-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C89F7-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C89F4-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{3147B9B7-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9AE-D11F-11D4-AB83-00B0D02332EB}]
"(Default)" = "ISetupType"
[HKCR\Interface\{777C89F7-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\ISInstallDriver.InstallDriver\CLSID]
"(Default)" = "{A52D1D8E-BCCA-11D4-AB7D-00B0D02332EB}"
[HKCR\Interface\{3147B99D-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{3147B9CA-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{3147B9DC-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89EF-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{3147B999-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B999-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9D9-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{5F13E632-D79E-11D4-AB87-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{777C89EA-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{E4A51081-BCD3-11D4-AB7D-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{777C89ED-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C89EE-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{777C89EB-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\TypeLib\{3147B9F7-D11F-11D4-AB83-00B0D02332EB}\1.0]
"(Default)" = "InstallShield Windows Installer Setup Kernel 1.0 Type Library"
[HKCR\Interface\{135F108E-AD38-11D5-ABCD-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{3147B9CA-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C89FF-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{3147B98C-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89ED-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{3147B9D2-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{777C89F6-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{3147B989-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{777C89F9-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupFeature"
[HKCR\Interface\{C445860A-9BE8-11D5-ABBF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{82843E72-7263-11D5-ABB6-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{3147B9A3-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{4EAEAA3C-FD20-11D4-AB92-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B999-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{777C89F8-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\TypeLib\{00020430-0000-0000-C000-000000000046}\1.0\0\win32]
"(Default)" = "%System%\stdole32.tlb"
[HKCR\Interface\{777C8A00-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C89FD-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{777C89FB-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\ISInstallDriver.InstallDriver]
"(Default)" = "InstallShield InstallDriver"
[HKCR\Interface\{3147B989-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9F0-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B992-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{3147B9B7-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{777C89F8-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9C1-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{777C89ED-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9E6-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89FB-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{135F108E-AD38-11D5-ABCD-00B0D02332EB}]
"(Default)" = "IISInstallDriverForceRemove"
[HKCR\Interface\{777C89E9-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B997-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9C1-D11F-11D4-AB83-00B0D02332EB}]
"(Default)" = "ISetupShellLink"
[HKCR\Interface\{C0E3CD3A-E8DA-11D4-84B0-00B0D023B209}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C89F4-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\ISInstallDriver.StringTable.1\CLSID]
"(Default)" = "{99BDE2B6-D79E-11D4-AB87-00B0D02332EB}"
[HKCR\Interface\{777C89EF-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89EE-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89EB-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9F0-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9E0-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9E0-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{777C89F9-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89EC-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupFeatureLog"
[HKCR\Interface\{777C8A01-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\TypeLib\{3147B9F7-D11F-11D4-AB83-00B0D02332EB}\1.0\HELPDIR]
"(Default)" = "%Program Files%\Common Files\InstallShield\Driver\7\Intel 32\"
[HKCR\Interface\{3147B9EC-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89F0-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupFeatureLogs"
[HKCR\Interface\{777C89FF-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{D72FDDC4-672E-4D49-A8A6-0CDD039B2FAE}]
"(Default)" = "IMsiServer2001"
[HKCR\Interface\{3147B9A9-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C89F3-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupObject"
[HKCR\Interface\{3147B989-D11F-11D4-AB83-00B0D02332EB}]
"(Default)" = "ISetupReboot2"
[HKCR\Interface\{777C89E9-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{4EAEAA3C-FD20-11D4-AB92-00B0D02332EB}]
"(Default)" = "IMsiServer"
[HKCR\Interface\{777C8A02-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{3147B989-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89F4-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupObjectContext"
[HKCR\Interface\{777C89F9-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{777C8A00-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9A3-D11F-11D4-AB83-00B0D02332EB}]
"(Default)" = "ISetupMedia"
[HKCR\Interface\{777C89EE-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89FE-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupTransferErrorInfo"
[HKCR\CLSID\{A52D1D8E-BCCA-11D4-AB7D-00B0D02332EB}]
"(Default)" = "InstallShield InstallDriver"
[HKCR\Interface\{3147B9E0-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C89EF-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{3147B9CA-D11F-11D4-AB83-00B0D02332EB}]
"(Default)" = "ISetupShell"
[HKCR\Interface\{D72FDDC4-672E-4D49-A8A6-0CDD039B2FAE}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{D72FDDC4-672E-4D49-A8A6-0CDD039B2FAE}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9CD-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9F0-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C89EC-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89F3-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C89F6-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9CD-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{3147B9E6-D11F-11D4-AB83-00B0D02332EB}]
"(Default)" = "ISetupComponents"
[HKCR\Interface\{777C89EA-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{C445860A-9BE8-11D5-ABBF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9DC-D11F-11D4-AB83-00B0D02332EB}]
"(Default)" = "ISetupCABFiles"
[HKCR\Interface\{777C89FD-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C8A02-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9B2-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9D2-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{3147B999-D11F-11D4-AB83-00B0D02332EB}]
"(Default)" = "ISetupTextSubstitution"
[HKCR\ISInstallDriver.InstallDriver.1\CLSID]
"(Default)" = "{A52D1D8E-BCCA-11D4-AB7D-00B0D02332EB}"
[HKCR\Interface\{777C89F4-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{5F13E632-D79E-11D4-AB87-00B0D02332EB}]
"(Default)" = "IInstallDriverStringTable"
[HKCR\Interface\{3147B9C6-D11F-11D4-AB83-00B0D02332EB}]
"(Default)" = "ISetupShellLink2"
[HKCR\Interface\{3147B984-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{135F108E-AD38-11D5-ABCD-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C8A04-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89EE-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupOpType"
[HKCR\Interface\{777C89EF-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupOpTypes"
[HKCR\Interface\{777C89EA-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupLogDB"
[HKCR\Interface\{3147B9C6-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\CLSID\{A52D1D8E-BCCA-11D4-AB7D-00B0D02332EB}\VersionIndependentProgID]
"(Default)" = "ISInstallDriver.InstallDriver"
[HKCR\Interface\{777C89F0-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{3147B9A9-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B984-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\ISInstallDriver.StringTable\CLSID]
"(Default)" = "{99BDE2B6-D79E-11D4-AB87-00B0D02332EB}"
[HKCR\Interface\{3147B9C6-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C8A04-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\AppID\{E4A51076-BCD3-11D4-AB7D-00B0D02332EB}]
"RunAs" = "Interactive User"
[HKCR\Interface\{3147B9E6-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9B2-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{4EAEAA3C-FD20-11D4-AB92-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{3147B9EC-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9DC-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C8A04-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{3147B9C6-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C8A04-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupDriver"
[HKCR\Interface\{777C89ED-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupOpSequence"
[HKCR\Interface\{777C89EA-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89F6-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupObjects"
[HKCR\Interface\{3147B984-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{3147B9C1-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89FE-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{3147B98C-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{3147B9CD-D11F-11D4-AB83-00B0D02332EB}]
"(Default)" = "ISetupShell2"
[HKCR\Interface\{D72FDDC4-672E-4D49-A8A6-0CDD039B2FAE}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89F3-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9CD-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{777C8A01-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{3147B98C-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89FF-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9A3-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{3147B992-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B9B2-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C89F6-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{3147B9A9-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89EE-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{3147B99D-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\ISInstallDriver.StringTable]
"(Default)" = "InstallShield InstallDriver String Table"
[HKCR\Interface\{3147B9D9-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{3147B9E0-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{3147B997-D11F-11D4-AB83-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{777C89F9-5C36-11D5-ABAF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{7B1E910E-9744-11D5-ABBF-00B0D02332EB}\ProxyStubClsid]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{82843E72-7263-11D5-ABB6-00B0D02332EB}\ProxyStubClsid32]
"(Default)" = "{00020424-0000-0000-C000-000000000046}"
[HKCR\Interface\{7B1E910E-9744-11D5-ABBF-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{3147B992-D11F-11D4-AB83-00B0D02332EB}]
"(Default)" = "ISetupFileService"
[HKCR\Interface\{3147B9AE-D11F-11D4-AB83-00B0D02332EB}\TypeLib]
"(Default)" = "{3147B9F7-D11F-11D4-AB83-00B0D02332EB}"
[HKCR\Interface\{777C89EB-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C89FF-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupFileErrorInfo"
[HKCR\Interface\{777C89FC-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupFilesCost"
[HKCR\Interface\{777C89FD-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupTransfer"
[HKCR\Interface\{777C89FB-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupFeatures"
[HKCR\Interface\{3147B997-D11F-11D4-AB83-00B0D02332EB}]
"(Default)" = "ISetupCopyFiles"
[HKCR\Interface\{777C8A02-5C36-11D5-ABAF-00B0D02332EB}]
"(Default)" = "ISetupTransferEvents2"
[HKCR\Interface\{777C89FB-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
[HKCR\Interface\{777C89EC-5C36-11D5-ABAF-00B0D02332EB}\TypeLib]
"Version" = "1.0"
Dropped PE files
| MD5 | File path |
|---|---|
| b9b9af3f2feb0f1bdac947908637f15d | c:\Documents and Settings\"%CurrentUserName%"\Local Settings\Temp\{9967E93B-6F5E-4744-80D6-BEB0229F42C4}\ISRT.DLL |
| d95b37e3e9dc956905cdf45f960ad52b | c:\Documents and Settings\"%CurrentUserName%"\Local Settings\Temp\{9967E93B-6F5E-4744-80D6-BEB0229F42C4}\_ISRES.DLL |
| 3e5fa5d994ae3c8a91cdf6d36a198d25 | c:\Documents and Settings\"%CurrentUserName%"\Local Settings\Temp\{9967E93B-6F5E-4744-80D6-BEB0229F42C4}\_ISUSER.DLL |
| f6e015da6bbf4f2036650c246f019f3c | c:\Program Files\Common Files\InstallShield\Driver\7\Intel 32\IDriver.exe |
| b9b9af3f2feb0f1bdac947908637f15d | c:\Program Files\Common Files\InstallShield\Driver\7\Intel 32\ISRT.dll |
| d284423b7d5da40c712dee45a25191d1 | c:\Program Files\Common Files\InstallShield\Driver\7\Intel 32\IScript7.dll |
| 717d2d0cfdf85a69754ce559e8c97def | c:\Program Files\Common Files\InstallShield\Driver\7\Intel 32\IUser7.dll |
| d95b37e3e9dc956905cdf45f960ad52b | c:\Program Files\Common Files\InstallShield\Driver\7\Intel 32\_ISRES1033.dll |
| 25e83534f526974ac6228b0f46045ebc | c:\Program Files\Common Files\InstallShield\Driver\7\Intel 32\objps7.dll |
HOSTS file anomalies
No changes have been detected.
Rootkit activity
No anomalies have been detected.
Propagation
Removals
Remove it with Ad-Aware
- Click (here) to download and install Ad-Aware Free Antivirus.
- Update the definition files.
- Run a full scan of your computer.
Manual removal*
- Terminate malicious process(es) (How to End a Process With the Task Manager):
MsiExec.exe:740
MsiExec.exe:1880
%original file name%.exe:188
IDriver.exe:412 - Delete the original Application file.
- Delete or disinfect the following files created/modified by the Application:
%Documents and Settings%\%current user%\Local Settings\Temp\{9967E93B-6F5E-4744-80D6-BEB0229F42C4}\ls_license.txt (19620 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\HMNHLGIO\desktop.ini (67 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\~1.tmp (29 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\_is2\Setup.INI (29 bytes)
%Documents and Settings%\%current user%\Local Settings\History\History.IE5\desktop.ini (159 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\HJHQ6B1O\desktop.ini (67 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\_is2\isscript.msi (81132 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\_is2\0x0409.ini (345 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\_is2\ISScript.isc (77 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\CT48K6BI\desktop.ini (67 bytes)
%Documents and Settings%\%current user%\Cookies\index.dat (400 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini (67 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@www.installengine[1].txt (306 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\_is2\_ISMSIDEL.INI (553 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\_is2\LimeWire.msi (1858338 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\LTQCY2RD\isscript[1].msi (697332 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\LTQCY2RD\desktop.ini (67 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\{9967E93B-6F5E-4744-80D6-BEB0229F42C4}\ISRT.DLL (2105 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\{9967E93B-6F5E-4744-80D6-BEB0229F42C4}\setup.inx (382480 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\{9967E93B-6F5E-4744-80D6-BEB0229F42C4}\IsConfig.INI (39 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\MSI8.tmp (48184 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\{9967E93B-6F5E-4744-80D6-BEB0229F42C4}\_ISUSER.DLL (24240 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\MSIA.tmp (48184 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\MSI7.tmp (100800 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\MSI9.tmp (61144 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\{9967E93B-6F5E-4744-80D6-BEB0229F42C4}\_ISRES.DLL (1425 bytes)
%Documents and Settings%\%current user%\Local Settings\Temp\{9967E93B-6F5E-4744-80D6-BEB0229F42C4}\String1033.txt (223380 bytes) - Clean the Temporary Internet Files folder, which may contain infected files (How to clean Temporary Internet Files folder).
- Reboot the computer.
Static Analysis
VersionInfo
Company Name: LimeWire LLC
Product Name: LimeWire
Product Version: 2.96.0000
Legal Copyright: 751
Legal Trademarks:
Original Filename:
Internal Name:
File Version: 2.96.0000
File Description: Setup Launcher
Comments:
Language: Spanish (Spain, International Sort)
Company Name: LimeWire LLC Product Name: LimeWire Product Version: 2.96.0000 Legal Copyright: 751 Legal Trademarks: Original Filename: Internal Name: File Version: 2.96.0000 File Description: Setup Launcher Comments: Language: Spanish (Spain, International Sort)
PE Sections
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | Section MD5 |
|---|---|---|---|---|---|
| .text | 4096 | 124058 | 126976 | 4.47393 | 935dd6e11aa7a98cdc360948edca8140 |
| .rdata | 131072 | 14832 | 16384 | 3.48982 | c3dad73eccefe126c286be52c6e891d7 |
| .data | 147456 | 35480 | 20480 | 2.00078 | 0fd860ffa2abab641a458e5a4c58c5b8 |
| .rsrc | 184320 | 47384 | 49152 | 4.98191 | b8b069d2ffb1f5d6817397a2519c941a |
Dropped from:
Downloaded by:
Similar by SSDeep:
Similar by Lavasoft Polymorphic Checker:
Total found: 9
2f8c7e8df30e5d0c294138d8dca98cdf
d14cbbd12f38f08784acfa4e18ac685c
2e245cf17870cff1e661c8c8890ae2e4
d60e5e21faa1cfe9e7d72ab2b7b4669f
696cb67b8bd455abe93348d766b14876
71c5056ffeb7df70fe815912986c1cba
8a9dae196703355f3f26ac85e94580d7
9fc88f4f1f563a3b56390b6b68db9312
b5a874e63fcb3e07d51b5f3f139592e9
Network Activity
URLs
| URL | IP |
|---|---|
| hxxp://www.installengine.com/cert02/isengine/isscript.msi | 64.14.29.58 |
IDS verdicts (Suricata alerts: Emerging Threats ET ruleset)
Traffic
GET /cert02/isengine/isscript.msi HTTP/1.1
Referer: hXXp://VVV.installengine.com/cert02/isengine/isscript.msi
User-Agent: dwplayer
Host: VVV.installengine.com
Connection: Keep-Alive
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 633856
Content-Type: application/octet-stream
Last-Modified: Tue, 15 Oct 2002 23:31:18 GMT
Accept-Ranges: bytes
ETag: "027f8f5a274c21:d93b"
X-Powered-By: ASP.NET
Date: Wed, 22 Jul 2015 01:24:00 GMT
Set-Cookie: flexnet-http-cookie-122925=5ccba3d8d17f16f9aef7f08eb3ae32d9960b72b524fc537c6146a32d382600c5c5821ac8;expires=Wed, 22-Jul-2015 01:25:01 GMT;path=/;httponly
........................>...................................8...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................^......................................................................./........................................... ...!..."...#...$...%...&...'...(...)...*... ...,...-.......1...0.......2...3...4...5...6...7...E...d...:...;...<...=...>...?...@...A...B...C...D...\...`...G...H...I...J...K...L...M...N...O...P...Q...R...S...T...U...V...W...X...Y...Z...[.......]..._...a...b.......c...e...f...............h...i...j...k...l...u...n...o...p...q...r...s...t...g...v...w...x...y...z...{...|...}...~...........R.o.o.t. .E.n.t.r.y............................................................................F............0X.|.t..9...@8........S.u.m.m.a.r.y.I.n.f.o.r.m.a.t.i.o.n...........................(..."..............................................._...x.......@H.?.C.A.E.D1H......................................................................................................F....*......@H.?dA/B6H.............................................................................................................
<<< skipped >>>
Map
The Application connects to the servers at the folowing location(s):
Strings from Dumps
%original file name%.exe_188:
.text
.text
`.rdata
`.rdata
@.data
@.data
.rsrc
.rsrc
t%SWVVVVVVh
t%SWVVVVVVh
tOSSSSh0u
tOSSSSh0u
SSSSh0u
SSSSh0u
SShxDB
SShxDB
SShhDB
SShhDB
PSSSSSSh
PSSSSSSh
PSSh\UB
PSSh\UB
PSShTUB
PSShTUB
__MSVCRT_HEAP_SELECT
__MSVCRT_HEAP_SELECT
user32.dll
user32.dll
VERSION.dll
VERSION.dll
SHELL32.dll
SHELL32.dll
COMCTL32.dll
COMCTL32.dll
GetWindowsDirectoryA
GetWindowsDirectoryA
KERNEL32.dll
KERNEL32.dll
MsgWaitForMultipleObjects
MsgWaitForMultipleObjects
ExitWindowsEx
ExitWindowsEx
USER32.dll
USER32.dll
GDI32.dll
GDI32.dll
RegCloseKey
RegCloseKey
RegOpenKeyExA
RegOpenKeyExA
RegCreateKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteKeyA
ADVAPI32.dll
ADVAPI32.dll
ole32.dll
ole32.dll
OLEAUT32.dll
OLEAUT32.dll
GetCPInfo
GetCPInfo
RegOpenKeyA
RegOpenKeyA
NO_KEY_VALUE
NO_KEY_VALUE
_ISMSIDEL.INI
_ISMSIDEL.INI
CmdLine
CmdLine
hXXps://
hXXps://
hXXp://
hXXp://
PTF://
PTF://
Referer: %s
Referer: %s
wintrust.dll
wintrust.dll
WTHelperGetProvCertFromChain
WTHelperGetProvCertFromChain
CertCompareCertificate
CertCompareCertificate
crypt32.dll
crypt32.dll
Forcing item moniker %s into ROT...
Forcing item moniker %s into ROT...
CLSID\%s
CLSID\%s
EvalMarker.dat
EvalMarker.dat
Setup.iss
Setup.iss
Software\Microsoft\Windows\CurrentVersion\Run
Software\Microsoft\Windows\CurrentVersion\Run
Software\Microsoft\Windows\CurrentVersion
Software\Microsoft\Windows\CurrentVersion
PASSWORD
PASSWORD
Software\InstallShield\ISWI\7.0\SetupExeLog
Software\InstallShield\ISWI\7.0\SetupExeLog
NoSuppressRebootKey
NoSuppressRebootKey
SETUPEXEDIR
SETUPEXEDIR
CertKey
CertKey
ISScript.Msi
ISScript.Msi
SupportOS
SupportOS
{7E76A8D6-33D1-0032-16C3-4593092861D0}
{7E76A8D6-33D1-0032-16C3-4593092861D0}
{E7E2C871-090A-C372-F9AE-C3C6A988D260}
{E7E2C871-090A-C372-F9AE-C3C6A988D260}
{6741C120-01BA-87F9-8734-5FB9DA8A4445}
{6741C120-01BA-87F9-8734-5FB9DA8A4445}
Software\Microsoft\Windows\CurrentVersion\Installer
Software\Microsoft\Windows\CurrentVersion\Installer
Microsoft(R) .NET Framework
Microsoft(R) .NET Framework
dotnetredistSp1.exe
dotnetredistSp1.exe
dotnetredist.exe
dotnetredist.exe
dotnetfx.exe
dotnetfx.exe
%s /a "%s"%s
%s /a "%s"%s
%s /f%s "%s" %s
%s /f%s "%s" %s
%s /j%s "%s" %s
%s /j%s "%s" %s
%s /x "%s" %s
%s /x "%s" %s
/p"%s" %s
/p"%s" %s
%s /p "%s" %s
%s /p "%s" %s
%s /i "%s" %s
%s /i "%s" %s
%s %s
%s %s
%s="%s"
%s="%s"
%s TRANSFORMS="%s"
%s TRANSFORMS="%s"
%s%s%s;%s
%s%s%s;%s
"%s" %s /l%d /t"%s" /e"%s" /v"%s" %s
"%s" %s /l%d /t"%s" /e"%s" /v"%s" %s
"%s" /k %s /l%d /t"%s" /e"%s" /w /v"%s" %s
"%s" /k %s /l%d /t"%s" /e"%s" /w /v"%s" %s
Software\Microsoft\Windows\CurrentVersion\RunOnce
Software\Microsoft\Windows\CurrentVersion\RunOnce
Software\Microsoft\Windows\CurrentVersion\RunOnceEx
Software\Microsoft\Windows\CurrentVersion\RunOnceEx
SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\RunOnceEntries
SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\RunOnceEntries
System\CurrentControlSet\Control\Windows
System\CurrentControlSet\Control\Windows
1.20.1827.0
1.20.1827.0
Msi.DLL
Msi.DLL
"%s" /c:"msiinst /delayrebootq"
"%s" /c:"msiinst /delayrebootq"
"%s" /q
"%s" /q
2.0.2600.0
2.0.2600.0
%s /g %s /g %s
%s /g %s /g %s
%s /g %s /g %s /s
%s /g %s /g %s /s
4.70.0.1300
4.70.0.1300
WinInet.dll
WinInet.dll
SHFolder.dll
SHFolder.dll
Software\Microsoft\Windows\CurrentVersion\Uninstall\%s
Software\Microsoft\Windows\CurrentVersion\Uninstall\%s
{31EE4FE8-7F9C-11D5-ABB8-00B0D02332EB}
{31EE4FE8-7F9C-11D5-ABB8-00B0D02332EB}
d.d %s%s
d.d %s%s
DataCabInSetupExe
DataCabInSetupExe
Data.Cab
Data.Cab
MSIEXEC.EXE
MSIEXEC.EXE
INSTMSIW.EXE
INSTMSIW.EXE
INSTMSIA.EXE
INSTMSIA.EXE
Setup.INI
Setup.INI
Setup.bmp
Setup.bmp
msi.dll
msi.dll
0x0%s.ini
0x0%s.ini
%s"%s"
%s"%s"
.rdata
.rdata
.debug
.debug
%d: %s
%d: %s
%s,%u
%s,%u
%u.%u.%u.%u
%u.%u.%u.%u
InternetCanonicalizeUrlA
InternetCanonicalizeUrlA
HttpEndRequestA
HttpEndRequestA
HttpSendRequestExA
HttpSendRequestExA
HttpSendRequestA
HttpSendRequestA
HttpOpenRequestA
HttpOpenRequestA
FtpFindFirstFileA
FtpFindFirstFileA
HttpQueryInfoA
HttpQueryInfoA
InternetCreateUrlA
InternetCreateUrlA
InternetCrackUrlA
InternetCrackUrlA
InternetOpenUrlA
InternetOpenUrlA
wininet.dll
wininet.dll
RPAWINET.DLL
RPAWINET.DLL
AutoConfigURL
AutoConfigURL
Software\Microsoft\Windows\CurrentVersion\Internet Settings
Software\Microsoft\Windows\CurrentVersion\Internet Settings
netscape.exe
netscape.exe
FTP_ProxyPort
FTP_ProxyPort
FTP_Proxy
FTP_Proxy
HTTPS_ProxyPort
HTTPS_ProxyPort
HTTPS_Proxy
HTTPS_Proxy
https=
https=
HTTP_ProxyPort
HTTP_ProxyPort
HTTP_Proxy
HTTP_Proxy
http=
http=
\prefs.js
\prefs.js
\nsreg.dat
\nsreg.dat
"network.proxy.autoconfig_url"
"network.proxy.autoconfig_url"
"network.proxy.no_proxies_on"
"network.proxy.no_proxies_on"
"network.proxy.ftp_port"
"network.proxy.ftp_port"
"network.proxy.ftp"
"network.proxy.ftp"
"network.proxy.ssl_port"
"network.proxy.ssl_port"
"network.proxy.ssl"
"network.proxy.ssl"
"network.proxy.http_port"
"network.proxy.http_port"
"network.proxy.http"
"network.proxy.http"
network.proxy.type
network.proxy.type
Range: bytes=%d-
Range: bytes=%d-
zcÃ
zcÃ
C:\DOCUME~1\"%CurrentUserName%"\LOCALS~1\Temp\_is2
C:\DOCUME~1\"%CurrentUserName%"\LOCALS~1\Temp\_is2
C:\DOCUME~1\"%CurrentUserName%"\LOCALS~1\Temp\_is2\Setup.INI
C:\DOCUME~1\"%CurrentUserName%"\LOCALS~1\Temp\_is2\Setup.INI
c:\%original file name%.exe
c:\%original file name%.exe
version="1.0.0.0"
version="1.0.0.0"
name="InstallShield.Setup"
name="InstallShield.Setup"
InstallShield.Setup
InstallShield.Setup
name="Microsoft.Windows.Common-Controls"
name="Microsoft.Windows.Common-Controls"
version="6.0.0.0"
version="6.0.0.0"
publicKeyToken="6595b64144ccf1df"
publicKeyToken="6595b64144ccf1df"
!"#$%&'()* ,
!"#$%&'()* ,
(%U#n
(%U#n
.aFg\3z
.aFg\3z
sPTF://
sPTF://
Software\Microsoft\Active Setup\Installed Components\%s
Software\Microsoft\Active Setup\Installed Components\%s
{1C370964-514B-321C-7237-2B4FD86D8568}
{1C370964-514B-321C-7237-2B4FD86D8568}
{021122EA-49DC-4aeb-9D15-DCEAD9BAB1BC}
{021122EA-49DC-4aeb-9D15-DCEAD9BAB1BC}
{F1B13231-13BE-1231-5401-486BA763DEB6}
{F1B13231-13BE-1231-5401-486BA763DEB6}
{F279058C-50B2-4BE4-60C9-369CACF06821}
{F279058C-50B2-4BE4-60C9-369CACF06821}
{78705f0d-e8db-4b2d-8193-982bdda15ecd}
{78705f0d-e8db-4b2d-8193-982bdda15ecd}
{9B29D757-088E-E8C9-2535-AA319B92C00A}
{9B29D757-088E-E8C9-2535-AA319B92C00A}
%*.*f
%*.*f
2.96.0000
2.96.0000
Please enter the password
Please enter the password
Password:
Password:
/Error extracting '%s' to the temporary location'Error reading setup initialization file
/Error extracting '%s' to the temporary location'Error reading setup initialization file
IDriver.exe_1928:
.text
.text
`.rdata
`.rdata
@.data
@.data
.rsrc
.rsrc
SSShP
SSShP
PSShh
PSShh
PSSh@)H
PSSh@)H
PSSSSSSh
PSSSSSSh
AUTPRX32.DLL
AUTPRX32.DLL
__MSVCRT_HEAP_SELECT
__MSVCRT_HEAP_SELECT
user32.dll
user32.dll
GetWindowsDirectoryA
GetWindowsDirectoryA
WinExec
WinExec
KERNEL32.dll
KERNEL32.dll
ExitWindowsEx
ExitWindowsEx
MsgWaitForMultipleObjects
MsgWaitForMultipleObjects
CreateDialogIndirectParamA
CreateDialogIndirectParamA
USER32.dll
USER32.dll
GDI32.dll
GDI32.dll
RegCreateKeyExA
RegCreateKeyExA
RegCloseKey
RegCloseKey
RegDeleteKeyA
RegDeleteKeyA
RegOpenKeyExA
RegOpenKeyExA
RegOpenKeyA
RegOpenKeyA
RegQueryInfoKeyA
RegQueryInfoKeyA
RegEnumKeyExA
RegEnumKeyExA
ADVAPI32.dll
ADVAPI32.dll
SHELL32.dll
SHELL32.dll
ole32.dll
ole32.dll
OLEAUT32.dll
OLEAUT32.dll
msi.dll
msi.dll
RPCRT4.dll
RPCRT4.dll
COMCTL32.dll
COMCTL32.dll
VERSION.dll
VERSION.dll
GetCPInfo
GetCPInfo
Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield Uninstall Information
Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield Uninstall Information
SELECT FileSize FROM File WHERE File = '%s'
SELECT FileSize FROM File WHERE File = '%s'
SELECT * FROM Feature WHERE Feature_Parent = '%s' ORDER By Display
SELECT * FROM Feature WHERE Feature_Parent = '%s' ORDER By Display
SELECT Directory_ FROM Component WHERE Component = '%s'
SELECT Directory_ FROM Component WHERE Component = '%s'
SELECT Component_ FROM FeatureComponents WHERE Feature_ = '%s'
SELECT Component_ FROM FeatureComponents WHERE Feature_ = '%s'
SELECT * FROM ISFeatureExtended WHERE Feature_ = '%s'
SELECT * FROM ISFeatureExtended WHERE Feature_ = '%s'
SELECT * FROM ISRequiredFeature WHERE RequiringFeature = '%s'
SELECT * FROM ISRequiredFeature WHERE RequiringFeature = '%s'
oleaut32.dll
oleaut32.dll
RegisterFile%d
RegisterFile%d
SOFTWARE\Microsoft\Windows\CurrentVersion
SOFTWARE\Microsoft\Windows\CurrentVersion
%d.%d.%d.%d
%d.%d.%d.%d
%hx.rra
%hx.rra
Software\Microsoft\Windows\CurrentVersion\RunOnce
Software\Microsoft\Windows\CurrentVersion\RunOnce
Software\Microsoft\Windows\CurrentVersion\RunOnceEx\InstallShieldSetup
Software\Microsoft\Windows\CurrentVersion\RunOnceEx\InstallShieldSetup
SELECT Feature_ FROM ISSetupTypeFeatures WHERE ISSetupType_ = '%s'
SELECT Feature_ FROM ISSetupTypeFeatures WHERE ISSetupType_ = '%s'
SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs
PendingFileRenameOperations
PendingFileRenameOperations
WININIT.INI
WININIT.INI
_hk%d
_hk%d
ID_%d
ID_%d
SELECT * FROM Directory WHERE Directory = '%s'
SELECT * FROM Directory WHERE Directory = '%s'
SELECT * FROM `Binary` WHERE `Name`= '%s'
SELECT * FROM `Binary` WHERE `Name`= '%s'
Function %s - Unknown exception: %s
Function %s - Unknown exception: %s
Function %s - Error %d in %s:%s
Function %s - Error %d in %s:%s
SELECT * FROM `CustomAction` WHERE `Action` = '%s'
SELECT * FROM `CustomAction` WHERE `Action` = '%s'
Could delete CA DLL, error is %d
Could delete CA DLL, error is %d
Could free module for CA DLL, error is %d
Could free module for CA DLL, error is %d
Custom Action Call failed, error is %d
Custom Action Call failed, error is %d
Could find function in DLL, error is %d
Could find function in DLL, error is %d
Failed to extract Binary for DLL CA, error is %d
Failed to extract Binary for DLL CA, error is %d
Software\Policies\Microsoft\Windows\Installer
Software\Policies\Microsoft\Windows\Installer
ISInstallDriver.InstallDriver.1
ISInstallDriver.InstallDriver.1
ISInstallDriver.InstallDriver
ISInstallDriver.InstallDriver
ISInstallDriver.StringTable.1
ISInstallDriver.StringTable.1
ISInstallDriver.StringTable
ISInstallDriver.StringTable
/beta %s
/beta %s
Failed to CreateItemMoniker %s, error is: 0x%lx
Failed to CreateItemMoniker %s, error is: 0x%lx
AppID\IDriver.EXE
AppID\IDriver.EXE
AppID\{E4A51076-BCD3-11D4-AB7D-00B0D02332EB}
AppID\{E4A51076-BCD3-11D4-AB7D-00B0D02332EB}
CLSID\{A52D1D8E-BCCA-11D4-AB7D-00B0D02332EB}
CLSID\{A52D1D8E-BCCA-11D4-AB7D-00B0D02332EB}
IDriver.EXE
IDriver.EXE
{E4A51076-BCD3-11D4-AB7D-00B0D02332EB}
{E4A51076-BCD3-11D4-AB7D-00B0D02332EB}
Forcing item moniker %s into ROT...
Forcing item moniker %s into ROT...
CLSID\%s
CLSID\%s
URLUpdateInfo
URLUpdateInfo
URLInfoAbout
URLInfoAbout
IsConfig.INI
IsConfig.INI
_ISUSER.DLL
_ISUSER.DLL
_ISRES.DLL
_ISRES.DLL
ISRT.DLL
ISRT.DLL
Ready to initialize ForceRemove, Product code is %s
Ready to initialize ForceRemove, Product code is %s
Main script execution failed, error is 0x%lx
Main script execution failed, error is 0x%lx
Ready to remove all, full command line = %s
Ready to remove all, full command line = %s
Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_%s
Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_%s
You must be an Administrator to remove this application. To remove this application, you can log on as an administrator, or contact your technical support group for assistance.
You must be an Administrator to remove this application. To remove this application, you can log on as an administrator, or contact your technical support group for assistance.
InstallShield Support files extracted.
InstallShield Support files extracted.
Failed to extract support files, error is %d
Failed to extract support files, error is %d
Command Line: %s
Command Line: %s
Package Path: %s
Package Path: %s
InstallShield Install driver started, version:%s.%s.%s.%s
InstallShield Install driver started, version:%s.%s.%s.%s
7.07.262.0
7.07.262.0
APPHELP.DLL
APPHELP.DLL
Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield Uninstall Information\
Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield Uninstall Information\
InitScript operation failed, error is 0x%lx
InitScript operation failed, error is 0x%lx
Ready to initialize simple UI support.
Ready to initialize simple UI support.
Ready to initialize full UI support.
Ready to initialize full UI support.
Setup Service operation failed, error is 0x%lx
Setup Service operation failed, error is 0x%lx
Open Script operation failed, error is 0x%lx
Open Script operation failed, error is 0x%lx
Inside Initialize, ref count is %d
Inside Initialize, ref count is %d
Rpcrt4.dll
Rpcrt4.dll
%d.mst
%d.mst
Failed to open script '%s', error is %d
Failed to open script '%s', error is %d
Opening script: %s
Opening script: %s
Software\InstallShield\ISWI\7.0\SetupExeLog
Software\InstallShield\ISWI\7.0\SetupExeLog
Software\InstallShield\ISWI\3.0\SetupExeLog
Software\InstallShield\ISWI\3.0\SetupExeLog
Failed to launch action '%s', error is %d
Failed to launch action '%s', error is %d
Failed to query Sequence table, error is %d
Failed to query Sequence table, error is %d
SUPPORTDIR
SUPPORTDIR
BF0CA59A-039C-11D5-AB96-00B0D02332EB
BF0CA59A-039C-11D5-AB96-00B0D02332EB
%s%s.ini
%s%s.ini
Setup.ini
Setup.ini
Failed to extract string.txt, error is %d
Failed to extract string.txt, error is %d
String%d.txt
String%d.txt
Failed to extract _IsUser.dll, Ignore it.
Failed to extract _IsUser.dll, Ignore it.
_ISUser%d.dll
_ISUser%d.dll
Failed to extract _IsRes.dll, error is %d
Failed to extract _IsRes.dll, error is %d
_ISRES%d.DLL
_ISRES%d.DLL
Failed to extract ISRT.dll, error is %d
Failed to extract ISRT.dll, error is %d
Failed to extract setup.inx, error is %d
Failed to extract setup.inx, error is %d
setup.inx
setup.inx
Extract supporting files
Extract supporting files
Installer\Products\%s
Installer\Products\%s
Failed to CoCreateinstance when preparing for Force Remove product %s, result is 0x%lx
Failed to CoCreateinstance when preparing for Force Remove product %s, result is 0x%lx
Failed to call Prepare method, when preparing for Force Remove product %s, result is 0x%lx
Failed to call Prepare method, when preparing for Force Remove product %s, result is 0x%lx
Failed to close InstallExecuteSequence view handle, error is 0x%lx
Failed to close InstallExecuteSequence view handle, error is 0x%lx
Failed to close InstallExecuteSequence view, error is 0x%lx
Failed to close InstallExecuteSequence view, error is 0x%lx
Failed to close InstallExecuteSequence new record handle, error is 0x%lx
Failed to close InstallExecuteSequence new record handle, error is 0x%lx
Failed to modify InstallExecuteSequence view, error is 0x%lx
Failed to modify InstallExecuteSequence view, error is 0x%lx
Failed to set InstallExecuteSequence::Sequence, error is 0x%lx
Failed to set InstallExecuteSequence::Sequence, error is 0x%lx
Failed to set InstallExecuteSequence::Action, error is 0x%lx
Failed to set InstallExecuteSequence::Action, error is 0x%lx
Failed to create InstallExecuteSequence record, error is 0x%lx
Failed to create InstallExecuteSequence record, error is 0x%lx
Failed to close InstallExecuteSequence record handle, error is 0x%lx
Failed to close InstallExecuteSequence record handle, error is 0x%lx
Failed to get InstallExecuteSequence::Sequence, error is 0x%lx
Failed to get InstallExecuteSequence::Sequence, error is 0x%lx
Failed to execute InstallExecuteSequence view, error is 0x%lx
Failed to execute InstallExecuteSequence view, error is 0x%lx
Failed to open InstallExecuteSequence view, error is 0x%lx
Failed to open InstallExecuteSequence view, error is 0x%lx
SELECT * FROM `InstallExecuteSequence`
SELECT * FROM `InstallExecuteSequence`
ISScriptBridge.dll
ISScriptBridge.dll
Failed to execute CustomAction view, error is 0x%lx
Failed to execute CustomAction view, error is 0x%lx
Failed to start RPC listening, error is %d
Failed to start RPC listening, error is %d
Failed to register RPC handle, error is %d
Failed to register RPC handle, error is %d
Failed to set RPC protocol, error is %d
Failed to set RPC protocol, error is %d
InternetCanonicalizeUrlA
InternetCanonicalizeUrlA
HttpEndRequestA
HttpEndRequestA
HttpSendRequestExA
HttpSendRequestExA
HttpSendRequestA
HttpSendRequestA
HttpOpenRequestA
HttpOpenRequestA
FtpFindFirstFileA
FtpFindFirstFileA
HttpQueryInfoA
HttpQueryInfoA
InternetCreateUrlA
InternetCreateUrlA
InternetCrackUrlA
InternetCrackUrlA
InternetOpenUrlA
InternetOpenUrlA
wininet.dll
wininet.dll
RPAWINET.DLL
RPAWINET.DLL
AutoConfigURL
AutoConfigURL
Software\Microsoft\Windows\CurrentVersion\Internet Settings
Software\Microsoft\Windows\CurrentVersion\Internet Settings
\mozver.dat
\mozver.dat
netscp6.exe
netscp6.exe
netscape.exe
netscape.exe
FTP_ProxyPort
FTP_ProxyPort
FTP_Proxy
FTP_Proxy
HTTPS_ProxyPort
HTTPS_ProxyPort
HTTPS_Proxy
HTTPS_Proxy
https=
https=
HTTP_ProxyPort
HTTP_ProxyPort
HTTP_Proxy
HTTP_Proxy
http=
http=
\prefs.js
\prefs.js
\nsreg.dat
\nsreg.dat
\Mozilla\registry.dat
\Mozilla\registry.dat
Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
"network.proxy.autoconfig_url"
"network.proxy.autoconfig_url"
"network.proxy.no_proxies_on"
"network.proxy.no_proxies_on"
"network.proxy.ftp_port"
"network.proxy.ftp_port"
"network.proxy.ftp"
"network.proxy.ftp"
"network.proxy.ssl_port"
"network.proxy.ssl_port"
"network.proxy.ssl"
"network.proxy.ssl"
"network.proxy.http_port"
"network.proxy.http_port"
"network.proxy.http"
"network.proxy.http"
network.proxy.type
network.proxy.type
Range: bytes=%d-
Range: bytes=%d-
zcÃ
zcÃ
C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe
!"#$%&'()* ,
!"#$%&'()* ,
InstallShield Windows Installer Setup Kernel 1.0 Type Library
InstallShield Windows Installer Setup Kernel 1.0 Type Library
#operations
#operations
setup.exe
setup.exe
Reports
Reports
IMSIMsgHandler
IMSIMsgHandler
support
support
passed
passed
supported
supported
Hotkey
Hotkey
^.hdr
^.hdr
operation
operation
OR_KEY
OR_KEY
OR_KEYHIVE
OR_KEYHIVE
OI_KEY
OI_KEY
PasswordProtected
PasswordProtected
Password
Password
ProxyPassword
ProxyPassword
osWindows95
osWindows95
osWindows98
osWindows98
osWindowsMillennium
osWindowsMillennium
Portuguese_Brazilian
Portuguese_Brazilian
Portuguese_Standard
Portuguese_Standard
bstrSetupExe
bstrSetupExe
SupportDir
SupportDir
ShowCmd
ShowCmd
CreateKey
CreateKey
hkey
hkey
DeleteKey
DeleteKey
phkey
phkey
CloseKey
CloseKey
EnumKey
EnumKey
pKeys
pKeys
KeyExists
KeyExists
ExistingCmdLine
ExistingCmdLine
CmdLine
CmdLine
MsiViewExecute
MsiViewExecute
LaunchMsiExec
LaunchMsiExec
MSIMsgHandler
MSIMsgHandler
*\G{00020430-0000-0000-C000-000000000046}#1.0#0#C:\WINNT\System32\StdOle32.tlb#
*\G{00020430-0000-0000-C000-000000000046}#1.0#0#C:\WINNT\System32\StdOle32.tlb#
5CC8A589-D21D-11D4-AB83-00B0D02332EB
5CC8A589-D21D-11D4-AB83-00B0D02332EB
5CC8A588-D21D-11D4-AB83-00B0D02332EB
5CC8A588-D21D-11D4-AB83-00B0D02332EB
Software\Microsoft\Windows\CurrentVersion\Uninstall\
Software\Microsoft\Windows\CurrentVersion\Uninstall\
UNINSTALLKEY
UNINSTALLKEY
\Setup.ilg
\Setup.ilg
hXXp://
hXXp://
hXXps://
hXXps://
PTF://
PTF://
r\InstallShield\engine\6\Intel 32\ilog.dll
r\InstallShield\engine\6\Intel 32\ilog.dll
setup.ilg
setup.ilg
*.lnk
*.lnk
explorer.exe
explorer.exe
IWININIT.INI
IWININIT.INI
_isuser.dll
_isuser.dll
_isres.dll
_isres.dll
\setup.exe
\setup.exe
tsetup.ini
tsetup.ini
String1033.txt
String1033.txt
Setup.iss
Setup.iss
7.07.262
7.07.262
InstallDriver.EXE
InstallDriver.EXE
Invalid ID
Invalid ID
MsiExec.exe_740:
.text
.text
`.data
`.data
.rsrc
.rsrc
msvcrt.dll
msvcrt.dll
ADVAPI32.dll
ADVAPI32.dll
KERNEL32.dll
KERNEL32.dll
NTDLL.DLL
NTDLL.DLL
USER32.dll
USER32.dll
ole32.dll
ole32.dll
msi.dll
msi.dll
WinHttpOpen
WinHttpOpen
WinHttpConnect
WinHttpConnect
WinHttpCrackUrl
WinHttpCrackUrl
WinHttpOpenRequest
WinHttpOpenRequest
WinHttpCloseHandle
WinHttpCloseHandle
WinHttpSendRequest
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpReceiveResponse
WinHttpQueryDataAvailable
WinHttpQueryDataAvailable
WinHttpReadData
WinHttpReadData
WinHttpQueryHeaders
WinHttpQueryHeaders
WinHttpGetProxyForUrl
WinHttpGetProxyForUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetIEProxyConfigForCurrentUser
WinHttpSetOption
WinHttpSetOption
RegDeleteKeyExW
RegDeleteKeyExW
SQLInstallDriverExW
SQLInstallDriverExW
SQLConfigDriverW
SQLConfigDriverW
SQLRemoveDriverW
SQLRemoveDriverW
SQLInstallTranslatorExW
SQLInstallTranslatorExW
SQLRemoveTranslatorW
SQLRemoveTranslatorW
SQLConfigDataSourceW
SQLConfigDataSourceW
SQLInstallerErrorW
SQLInstallerErrorW
SQLInstallDriverManagerW
SQLInstallDriverManagerW
SQLRemoveDriverManagerW
SQLRemoveDriverManagerW
UrlCanonicalizeW
UrlCanonicalizeW
UrlCombineW
UrlCombineW
UrlIsW
UrlIsW
UrlIsFileUrlW
UrlIsFileUrlW
UrlGetPartW
UrlGetPartW
PathCreateFromUrlW
PathCreateFromUrlW
DeleteUrlCacheEntryW
DeleteUrlCacheEntryW
URLDownloadToCacheFileW
URLDownloadToCacheFileW
SetThreadExecutionState
SetThreadExecutionState
GetSystemWindowsDirectoryW
GetSystemWindowsDirectoryW
NtRenameKey
NtRenameKey
NtOpenKey
NtOpenKey
TermsrvLogInstallIniFileEx
TermsrvLogInstallIniFileEx
WTHelperGetProvCertFromChain
WTHelperGetProvCertFromChain
CertDuplicateCertificateContext
CertDuplicateCertificateContext
CertFreeCertificateContext
CertFreeCertificateContext
ReportFault
ReportFault
ApphelpFixMsiPackageExe
ApphelpFixMsiPackageExe
msiexec.pdb
msiexec.pdb
PSSSSSSh
PSSSSSSh
SSSSht
SSSSht
_acmdln
_acmdln
RegOpenKeyExW
RegOpenKeyExW
RegCreateKeyExW
RegCreateKeyExW
RegCloseKey
RegCloseKey
RegDeleteKeyW
RegDeleteKeyW
RegEnumKeyW
RegEnumKeyW
RegEnumKeyExW
RegEnumKeyExW
RegGetKeySecurity
RegGetKeySecurity
MsgWaitForMultipleObjects
MsgWaitForMultipleObjects
ntdll.dll
ntdll.dll
name="MSIExec"
name="MSIExec"
version="4.0.0.0"
version="4.0.0.0"
Windows installer setup service
Windows installer setup service
name="Microsoft.Windows.Common-Controls"
name="Microsoft.Windows.Common-Controls"
version="6.0.0.0"
version="6.0.0.0"
publicKeyToken="6595b64144ccf1df"
publicKeyToken="6595b64144ccf1df"
Msi.Package
Msi.Package
Windows Installer Package
Windows Installer Package
Msi.Patch
Msi.Patch
Windows Installer Patch
Windows Installer Patch
APPID\%s
APPID\%s
%s\DefaultIcon
%s\DefaultIcon
%s\CLSID
%s\CLSID
CLSID\%s
CLSID\%s
CLSID\%s\ProgId
CLSID\%s\ProgId
Msi.dll
Msi.dll
MsiRegMv.Exe
MsiRegMv.Exe
MsiExecCA32
MsiExecCA32
Software\Microsoft\Windows\CurrentVersion\Installer
Software\Microsoft\Windows\CurrentVersion\Installer
{lX-0000-0000-C000-000000000046}
{lX-0000-0000-C000-000000000046}
ISMIF32.DLL
ISMIF32.DLL
RICHED20.DLL
RICHED20.DLL
%d.d.%.4d.%d
%d.d.%.4d.%d
REINSTALL=ALL REINSTALLMODE=%s
REINSTALL=ALL REINSTALLMODE=%s
Error: %d. %s.
Error: %d. %s.
Software\Policies\Microsoft\Windows\Installer
Software\Policies\Microsoft\Windows\Installer
Failed to connect to server. Error: 0x%X
Failed to connect to server. Error: 0x%X
FDeleteRegTree: Unable to delete subkey: %s
FDeleteRegTree: Unable to delete subkey: %s
Interface\{lX-0000-0000-C000-000000000046}\NumMethods
Interface\{lX-0000-0000-C000-000000000046}\NumMethods
3.1.4000
3.1.4000
3.0.3790
3.0.3790
%d.%d.%d
%d.%d.%d
CLSID\{lX-0000-0000-C000-000000000046}\DllVersion
CLSID\{lX-0000-0000-C000-000000000046}\DllVersion
FIsKeyLocalSystemOrAdminOwned: Could not get owner security info.
FIsKeyLocalSystemOrAdminOwned: Could not get owner security info.
PurgeUserOwnedSubkeys: Could not open subkey: %s
PurgeUserOwnedSubkeys: Could not open subkey: %s
PurgeUserOwnedSubkeys: Could not enumerate subkeys.
PurgeUserOwnedSubkeys: Could not enumerate subkeys.
PurgeUserOwnedSubkeys: Could not delete SubKey tree.
PurgeUserOwnedSubkeys: Could not delete SubKey tree.
PurgeUserOwnedSubkeys: %s not owned by System or Admin. Deleting key subkeys.
PurgeUserOwnedSubkeys: %s not owned by System or Admin. Deleting key subkeys.
PurgeUserOwnedInstallerKeys: Could not delete tree.
PurgeUserOwnedInstallerKeys: Could not delete tree.
PurgeUserOwnedInstallerKeys: Key '%s' not owned by System or Admin. Deleting key subkeys.
PurgeUserOwnedInstallerKeys: Key '%s' not owned by System or Admin. Deleting key subkeys.
PurgeUserOwnedInstallerKeys: Could not open key '%s'
PurgeUserOwnedInstallerKeys: Could not open key '%s'
OpenProcessToken failed with %d
OpenProcessToken failed with %d
passive
passive
Software\Microsoft\Windows\CurrentVersion\Installer\RunOnceEntries
Software\Microsoft\Windows\CurrentVersion\Installer\RunOnceEntries
SetInstallerACLs: Could not create Secure Installer sub key.
SetInstallerACLs: Could not create Secure Installer sub key.
SetInstallerACLs: Could not delete Installer key tree.
SetInstallerACLs: Could not delete Installer key tree.
SetInstallerACLs: Installer key not owned by System or Admin. Deleting key subkeys and re-creating.
SetInstallerACLs: Installer key not owned by System or Admin. Deleting key subkeys and re-creating.
SetInstallerACLs: Could not create Installer key.
SetInstallerACLs: Could not create Installer key.
kernel32.dll
kernel32.dll
WINHTTP
WINHTTP
fusion.dll
fusion.dll
URLMON
URLMON
RPCRT4
RPCRT4
Windows
Windows
3.1.4001.5512
3.1.4001.5512
msiexec
msiexec
msiexec.exe
msiexec.exe
Windows Installer - Unicode
Windows Installer - Unicode