analyze malware
  • Huge database of samples and IOCs
  • Custom VM setup
  • Unlimited submissions
  • Interactive approach
Sign up, it’s free
File name:

cdbxp_setup_4.5.4.5000.zip

Full analysis: https://app.any.run/tasks/19f87148-00a3-4f3f-863f-94eb82840fd5
Verdict: Malicious activity
Analysis date: March 31, 2023, 20:06:52
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MIME: application/zip
File info: Zip archive data, at least v2.0 to extract
MD5:

9ED5FFD35F1738EED6E9825967790F5A

SHA1:

E0C3A0FCBEA120EF350E56F708920F07B5582E34

SHA256:

5A41BB5DEB8383AB3501B48F42BCFF885DB87F287A539D2DDEB62BA4746FF65F

SSDEEP:

98304:v5K8at9Ch9cbPALTJGaSjETASO08GZi56EtNiBEzQxe/bqITMBwMOCOJsh9plkJX:v5KChaAXzSCAMK5LNitNqYo9O9Orj

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Application was dropped or rewritten from another process

      • cdbxp_setup_4.5.4.5000.exe (PID: 4060)
      • cdbxp_setup_4.5.4.5000.exe (PID: 2404)
      • cdbxpp.exe (PID: 3232)
    • Registers / Runs the DLL via REGSVR32.EXE

      • cdbxp_setup_4.5.4.5000.tmp (PID: 3144)
  • SUSPICIOUS

    • Executable content was dropped or overwritten

      • cdbxp_setup_4.5.4.5000.exe (PID: 4060)
      • cdbxp_setup_4.5.4.5000.exe (PID: 2404)
      • cdbxp_setup_4.5.4.5000.tmp (PID: 3144)
    • Reads the Windows owner or organization settings

      • cdbxp_setup_4.5.4.5000.tmp (PID: 3144)
    • Reads the Internet Settings

      • rundll32.exe (PID: 3000)
      • cdbxpp.exe (PID: 3232)
    • Uses RUNDLL32.EXE to load library

      • cdbxp_setup_4.5.4.5000.tmp (PID: 3144)
    • Uses REG/REGEDIT.EXE to modify register

      • cdbxp_setup_4.5.4.5000.tmp (PID: 3144)
  • INFO

    • Executable content was dropped or overwritten

      • WinRAR.exe (PID: 2368)
    • Manual execution by a user

      • cdbxp_setup_4.5.4.5000.exe (PID: 4060)
    • Checks supported languages

      • cdbxp_setup_4.5.4.5000.exe (PID: 4060)
      • cdbxp_setup_4.5.4.5000.tmp (PID: 1540)
      • cdbxp_setup_4.5.4.5000.exe (PID: 2404)
      • cdbxp_setup_4.5.4.5000.tmp (PID: 3144)
      • cdbxpp.exe (PID: 3232)
    • Create files in a temporary directory

      • cdbxp_setup_4.5.4.5000.exe (PID: 4060)
      • cdbxp_setup_4.5.4.5000.exe (PID: 2404)
      • cdbxp_setup_4.5.4.5000.tmp (PID: 3144)
      • rundll32.exe (PID: 3000)
    • Reads the computer name

      • cdbxp_setup_4.5.4.5000.tmp (PID: 1540)
      • cdbxp_setup_4.5.4.5000.tmp (PID: 3144)
      • cdbxpp.exe (PID: 3232)
    • The process checks LSA protection

      • cdbxp_setup_4.5.4.5000.tmp (PID: 1540)
      • rundll32.exe (PID: 3000)
      • cdbxp_setup_4.5.4.5000.tmp (PID: 3144)
      • cdbxpp.exe (PID: 3232)
    • Application was dropped or rewritten from another process

      • cdbxp_setup_4.5.4.5000.tmp (PID: 1540)
      • cdbxp_setup_4.5.4.5000.tmp (PID: 3144)
    • Checks proxy server information

      • rundll32.exe (PID: 3000)
    • Reads the machine GUID from the registry

      • cdbxp_setup_4.5.4.5000.tmp (PID: 3144)
      • cdbxpp.exe (PID: 3232)
    • Creates files or folders in the user directory

      • cdbxp_setup_4.5.4.5000.tmp (PID: 3144)
    • Creates files in the program directory

      • cdbxp_setup_4.5.4.5000.tmp (PID: 3144)
      • cdbxpp.exe (PID: 3232)
    • Reads Environment values

      • cdbxpp.exe (PID: 3232)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.zip | ZIP compressed archive (100)

EXIF

ZIP

ZipFileName: cdbxp_setup_4.5.4.5000.exe
ZipUncompressedSize: 5644000
ZipCompressedSize: 5304939
ZipCRC: 0xf5bf506c
ZipModifyDate: 2014:08:19 16:11:12
ZipCompression: Deflated
ZipBitFlag: -
ZipRequiredVersion: 20
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
51
Monitored processes
11
Malicious processes
6
Suspicious processes
0

Behavior graph

Click at the process to see the details
start drop and start drop and start winrar.exe cdbxp_setup_4.5.4.5000.exe cdbxp_setup_4.5.4.5000.tmp no specs cdbxp_setup_4.5.4.5000.exe cdbxp_setup_4.5.4.5000.tmp rundll32.exe no specs regsvr32.exe reg.exe no specs reg.exe no specs regsvr32.exe cdbxpp.exe

Process information

PID
CMD
Path
Indicators
Parent process
2368"C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\AppData\Local\Temp\cdbxp_setup_4.5.4.5000.zip"C:\Program Files\WinRAR\WinRAR.exe
explorer.exe
User:
admin
Company:
Alexander Roshal
Integrity Level:
MEDIUM
Description:
WinRAR archiver
Exit code:
0
Version:
5.91.0
Modules
Images
c:\program files\winrar\winrar.exe
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\usp10.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\ntdll.dll
c:\windows\system32\shlwapi.dll
4060"C:\Users\admin\Desktop\cdbxp_setup_4.5.4.5000.exe" C:\Users\admin\Desktop\cdbxp_setup_4.5.4.5000.exe
explorer.exe
User:
admin
Company:
Canneverbe Limited
Integrity Level:
MEDIUM
Description:
CDBurnerXP
Exit code:
0
Version:
4.5.4.5000
Modules
Images
c:\users\admin\desktop\cdbxp_setup_4.5.4.5000.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
1540"C:\Users\admin\AppData\Local\Temp\is-219KA.tmp\cdbxp_setup_4.5.4.5000.tmp" /SL5="$50128,4977608,525312,C:\Users\admin\Desktop\cdbxp_setup_4.5.4.5000.exe" C:\Users\admin\AppData\Local\Temp\is-219KA.tmp\cdbxp_setup_4.5.4.5000.tmpcdbxp_setup_4.5.4.5000.exe
User:
admin
Integrity Level:
MEDIUM
Description:
Setup/Uninstall
Exit code:
0
Version:
51.1051.0.0
Modules
Images
c:\users\admin\appdata\local\temp\is-219ka.tmp\cdbxp_setup_4.5.4.5000.tmp
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
2404"C:\Users\admin\Desktop\cdbxp_setup_4.5.4.5000.exe" /SPAWNWND=$90130 /NOTIFYWND=$50128 C:\Users\admin\Desktop\cdbxp_setup_4.5.4.5000.exe
cdbxp_setup_4.5.4.5000.tmp
User:
admin
Company:
Canneverbe Limited
Integrity Level:
HIGH
Description:
CDBurnerXP
Exit code:
0
Version:
4.5.4.5000
Modules
Images
c:\users\admin\desktop\cdbxp_setup_4.5.4.5000.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\user32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\ole32.dll
3144"C:\Users\admin\AppData\Local\Temp\is-G5TRB.tmp\cdbxp_setup_4.5.4.5000.tmp" /SL5="$A0140,4977608,525312,C:\Users\admin\Desktop\cdbxp_setup_4.5.4.5000.exe" /SPAWNWND=$90130 /NOTIFYWND=$50128 C:\Users\admin\AppData\Local\Temp\is-G5TRB.tmp\cdbxp_setup_4.5.4.5000.tmp
cdbxp_setup_4.5.4.5000.exe
User:
admin
Integrity Level:
HIGH
Description:
Setup/Uninstall
Exit code:
0
Version:
51.1051.0.0
Modules
Images
c:\users\admin\appdata\local\temp\is-g5trb.tmp\cdbxp_setup_4.5.4.5000.tmp
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
3000RunDll32.exe "C:\Users\admin\AppData\Local\Temp\is-6DU3H.tmp\OCSetupHlp.dll",_OCPID176OpenCandy2@16 3144,04079C7C6F1F4ECFA0C7AED6DF2CF79F,415CAB7D453A4F7CB1B492DF8AF89410,1B457B32E8F04B149801BA6843020ADCC:\Windows\System32\rundll32.execdbxp_setup_4.5.4.5000.tmp
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Windows host process (Rundll32)
Version:
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\rundll32.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\imagehlp.dll
1208"C:\Windows\system32\regsvr32.exe" /s "C:\Program Files\CDBurnerXP\StarBurnX15.dll"C:\Windows\System32\regsvr32.exe
cdbxp_setup_4.5.4.5000.tmp
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Microsoft(C) Register Server
Exit code:
0
Version:
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\regsvr32.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\sechost.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
3420"Reg.exe" Copy HKCU\SOFTWARE\CDBurnerXP "HKCU\SOFTWARE\Canneverbe Limited\CDBurnerXP" /s /fC:\Windows\System32\reg.execdbxp_setup_4.5.4.5000.tmp
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Registry Console Tool
Exit code:
0
Version:
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\reg.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
3552"Reg.exe" Delete HKCU\SOFTWARE\CDBurnerXP /fC:\Windows\System32\reg.execdbxp_setup_4.5.4.5000.tmp
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Registry Console Tool
Exit code:
0
Version:
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\reg.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
2396"C:\Windows\system32\regsvr32.exe" /s "C:\Program Files\CDBurnerXP\StarBurnX15.dll"C:\Windows\System32\regsvr32.exe
cdbxp_setup_4.5.4.5000.tmp
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Microsoft(C) Register Server
Exit code:
0
Version:
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\regsvr32.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
Total events
13 122
Read events
12 672
Write events
82
Delete events
368

Modification events

(PID) Process:(2368) WinRAR.exeKey:HKEY_CLASSES_ROOT\Local Settings\MuiCache\16D\52C64B7E
Operation:writeName:LanguageList
Value:
en-US
(PID) Process:(2368) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation:writeName:2
Value:
C:\Users\admin\Desktop\virtio_ivshmem_master_build.zip
(PID) Process:(2368) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation:writeName:1
Value:
C:\Users\admin\Desktop\Win7-KB3191566-x86.zip
(PID) Process:(2368) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation:writeName:0
Value:
C:\Users\admin\Desktop\phacker.zip
(PID) Process:(2368) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation:writeName:name
Value:
120
(PID) Process:(2368) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation:writeName:size
Value:
80
(PID) Process:(2368) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation:writeName:type
Value:
120
(PID) Process:(2368) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation:writeName:mtime
Value:
100
(PID) Process:(2368) WinRAR.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\BagMRU
Operation:writeName:NodeSlots
Value:
0202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202020202
(PID) Process:(2368) WinRAR.exeKey:HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\BagMRU
Operation:writeName:MRUListEx
Value:
0C000000000000000B00000001000000020000000D00000007000000060000000A0000000900000008000000030000000500000004000000FFFFFFFF
Executable files
114
Suspicious files
34
Text files
70
Unknown types
6

Dropped files

PID
Process
Filename
Type
2368WinRAR.exeC:\Users\admin\Desktop\cdbxp_setup_4.5.4.5000.exeexecutable
MD5:C9D490C5E267FE9AE8B35A30451B3B0B
SHA256:E7C7DE9C5A78E67740CC849FCD9D2CC760BE1688FFB045D6DD38A0EB286DEFAE
2404cdbxp_setup_4.5.4.5000.exeC:\Users\admin\AppData\Local\Temp\is-G5TRB.tmp\cdbxp_setup_4.5.4.5000.tmpexecutable
MD5:60176F68FE54E7BF1768B661A997DCA7
SHA256:3A411D770671AE1AC2FA430CE954EA3F9C907A0CA0E60B674C63DCF6F78B1659
3144cdbxp_setup_4.5.4.5000.tmpC:\Program Files\CDBurnerXP\is-N9QOT.tmpexecutable
MD5:FC8007495A4105259F24C845369AB38F
SHA256:55742EB60D8EFC194D800BFB543CF363E5A18403998EC9F6C55177FDF9429132
3144cdbxp_setup_4.5.4.5000.tmpC:\Program Files\CDBurnerXP\bassflac.dllexecutable
MD5:B82D5B3867506593A17DC3C860C6B57E
SHA256:53E2BFC9CC5347FDCD07B2C43833C4CA1FE7EB978265841147549F1F33C6ADCD
3144cdbxp_setup_4.5.4.5000.tmpC:\Users\admin\AppData\Local\Temp\is-6DU3H.tmp\_isetup\_shfoldr.dllexecutable
MD5:92DC6EF532FBB4A5C3201469A5B5EB63
SHA256:9884E9D1B4F8A873CCBD81F8AD0AE257776D2348D027D811A56475E028360D87
3144cdbxp_setup_4.5.4.5000.tmpC:\Program Files\CDBurnerXP\basswma.dllexecutable
MD5:7B52BE6D702AA590DB57A0E135F81C45
SHA256:9B5A8B323D2D1209A5696EAF521669886F028CE1ECDBB49D1610C09A22746330
3144cdbxp_setup_4.5.4.5000.tmpC:\Users\admin\AppData\Local\Temp\is-6DU3H.tmp\OCSetupHlp.dllexecutable
MD5:7B4C4AD3576852B7B3A1AC321D2CDE0E
SHA256:8DD4D9A707286C7B440EED0B6B014C8E8728E99BE0B8F254D5BDD37D1DCFDF91
4060cdbxp_setup_4.5.4.5000.exeC:\Users\admin\AppData\Local\Temp\is-219KA.tmp\cdbxp_setup_4.5.4.5000.tmpexecutable
MD5:60176F68FE54E7BF1768B661A997DCA7
SHA256:3A411D770671AE1AC2FA430CE954EA3F9C907A0CA0E60B674C63DCF6F78B1659
3144cdbxp_setup_4.5.4.5000.tmpC:\Program Files\CDBurnerXP\is-6QVJR.tmpexecutable
MD5:7B52BE6D702AA590DB57A0E135F81C45
SHA256:9B5A8B323D2D1209A5696EAF521669886F028CE1ECDBB49D1610C09A22746330
3144cdbxp_setup_4.5.4.5000.tmpC:\Program Files\CDBurnerXP\is-8L791.tmpexecutable
MD5:8005750EC63EB5292884AD6183AE2E77
SHA256:DF9F56C4DA160101567B0526845228EE481EE7D2F98391696FA27FE41F8ACF15
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
0
TCP/UDP connections
0
DNS requests
3
Threats
0

HTTP requests

No HTTP requests
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

No data

DNS requests

Domain
IP
Reputation
api.opencandy.com
whitelisted
update.cdburnerxp.se
unknown
update.cdburnerxp.org
unknown

Threats

No threats detected
Process
Message
regsvr32.exe
HKCR { NoRemove AppID { '{3DD7EA49-B5E1-4493-895D-C73562138FC0}' = s 'StarBurnXLib' 'StarBurnX12.DLL' { val AppID = s '{3DD7EA49-B5E1-4493-895D-C73562138FC0}' 'Version' = s '[!output TYPELIB_VERSION_MAJOR].[!output TYPELIB_VERSION_MINOR]' } } }
regsvr32.exe
HKCR { StarBurnX.DriveSpeed.15 = s 'DriveSpeed Class' { CLSID = s '{E0EEE430-80D8-42D7-8D83-F046AECD7536}' } StarBurnX.DriveSpeed = s 'DriveSpeed Class' { CLSID = s '{E0EEE430-80D8-42D7-8D83-F046AECD7536}' CurVer = s 'StarBurnX.DriveSpeed.15' } NoRemove CLSID { ForceRemove {E0EEE430-80D8-42D7-8D83-F046AECD7536} = s 'DriveSpeed Class' { ProgID = s 'StarBurnX.DriveSpeed.15' VersionIndependentProgID = s 'StarBurnX.DriveSpeed' ForceRemove 'Programmable' InprocServer32 = s 'C:\Program Files\CDBurnerXP\StarBurnX15.dll' { val ThreadingModel = s 'Free' } 'TypeLib' = s '{93CBA48A-1C58-4648-B22D-8F3588CB8D95}' 'Version' = s '15.0' } } }
regsvr32.exe
HKCR { NoRemove AppID { '{3DD7EA49-B5E1-4493-895D-C73562138FC0}' = s 'StarBurnXLib' 'StarBurnX12.DLL' { val AppID = s '{3DD7EA49-B5E1-4493-895D-C73562138FC0}' 'Version' = s '[!output TYPELIB_VERSION_MAJOR].[!output TYPELIB_VERSION_MINOR]' } } }
regsvr32.exe
HKCR { StarBurnX.DriveSpeed.15 = s 'DriveSpeed Class' { CLSID = s '{E0EEE430-80D8-42D7-8D83-F046AECD7536}' } StarBurnX.DriveSpeed = s 'DriveSpeed Class' { CLSID = s '{E0EEE430-80D8-42D7-8D83-F046AECD7536}' CurVer = s 'StarBurnX.DriveSpeed.15' } NoRemove CLSID { ForceRemove {E0EEE430-80D8-42D7-8D83-F046AECD7536} = s 'DriveSpeed Class' { ProgID = s 'StarBurnX.DriveSpeed.15' VersionIndependentProgID = s 'StarBurnX.DriveSpeed' ForceRemove 'Programmable' InprocServer32 = s 'C:\Program Files\CDBurnerXP\StarBurnX15.dll' { val ThreadingModel = s 'Free' } 'TypeLib' = s '{93CBA48A-1C58-4648-B22D-8F3588CB8D95}' 'Version' = s '15.0' } } }
regsvr32.exe
HKCR { StarBurnX.DriveSpeeds.15 = s 'DriveSpeeds Class' { CLSID = s '{7169A231-64EC-4702-98AB-05ABB6D882A9}' } StarBurnX.DriveSpeeds = s 'DriveSpeeds Class' { CLSID = s '{7169A231-64EC-4702-98AB-05ABB6D882A9}' CurVer = s 'StarBurnX.DriveSpeeds.15' } NoRemove CLSID { ForceRemove {7169A231-64EC-4702-98AB-05ABB6D882A9} = s 'DriveSpeeds Class' { ProgID = s 'StarBurnX.DriveSpeeds.15' VersionIndependentProgID = s 'StarBurnX.DriveSpeeds' ForceRemove 'Programmable' InprocServer32 = s 'C:\Program Files\CDBurnerXP\StarBurnX15.dll' { val ThreadingModel = s 'Free' } 'TypeLib' = s '{93CBA48A-1C58-4648-B22D-8F3588CB8D95}' 'Version' = s '15.0' } } }
regsvr32.exe
HKCR { StarBurnX.DriveSpeeds.15 = s 'DriveSpeeds Class' { CLSID = s '{7169A231-64EC-4702-98AB-05ABB6D882A9}' } StarBurnX.DriveSpeeds = s 'DriveSpeeds Class' { CLSID = s '{7169A231-64EC-4702-98AB-05ABB6D882A9}' CurVer = s 'StarBurnX.DriveSpeeds.15' } NoRemove CLSID { ForceRemove {7169A231-64EC-4702-98AB-05ABB6D882A9} = s 'DriveSpeeds Class' { ProgID = s 'StarBurnX.DriveSpeeds.15' VersionIndependentProgID = s 'StarBurnX.DriveSpeeds' ForceRemove 'Programmable' InprocServer32 = s 'C:\Program Files\CDBurnerXP\StarBurnX15.dll' { val ThreadingModel = s 'Free' } 'TypeLib' = s '{93CBA48A-1C58-4648-B22D-8F3588CB8D95}' 'Version' = s '15.0' } } }
regsvr32.exe
HKCR { StarBurnX.DriveInfo.15 = s 'DriveInfo Class' { CLSID = s '{996C8DFD-8CE6-43B2-9414-CB6132485363}' } StarBurnX.DriveInfo = s 'DriveInfo Class' { CLSID = s '{996C8DFD-8CE6-43B2-9414-CB6132485363}' CurVer = s 'StarBurnX.DriveInfo.15' } NoRemove CLSID { ForceRemove {996C8DFD-8CE6-43B2-9414-CB6132485363} = s 'DriveInfo Class' { ProgID = s 'StarBurnX.DriveInfo.15' VersionIndependentProgID = s 'StarBurnX.DriveInfo' ForceRemove 'Programmable' InprocServer32 = s 'C:\Program Files\CDBurnerXP\StarBurnX15.dll' { val ThreadingModel = s 'Free' } 'TypeLib' = s '{93CBA48A-1C58-4648-B22D-8F3588CB8D95}' 'Version' = s '15.0' } } }
regsvr32.exe
HKCR { StarBurnX.DriveInfo.15 = s 'DriveInfo Class' { CLSID = s '{996C8DFD-8CE6-43B2-9414-CB6132485363}' } StarBurnX.DriveInfo = s 'DriveInfo Class' { CLSID = s '{996C8DFD-8CE6-43B2-9414-CB6132485363}' CurVer = s 'StarBurnX.DriveInfo.15' } NoRemove CLSID { ForceRemove {996C8DFD-8CE6-43B2-9414-CB6132485363} = s 'DriveInfo Class' { ProgID = s 'StarBurnX.DriveInfo.15' VersionIndependentProgID = s 'StarBurnX.DriveInfo' ForceRemove 'Programmable' InprocServer32 = s 'C:\Program Files\CDBurnerXP\StarBurnX15.dll' { val ThreadingModel = s 'Free' } 'TypeLib' = s '{93CBA48A-1C58-4648-B22D-8F3588CB8D95}' 'Version' = s '15.0' } } }
regsvr32.exe
HKCR { StarBurnX.Track.15 = s 'Track Class' { CLSID = s '{F750BC9F-72CE-45C6-9D1F-BFEFB0765918}' } StarBurnX.Track = s 'Track Class' { CLSID = s '{F750BC9F-72CE-45C6-9D1F-BFEFB0765918}' CurVer = s 'StarBurnX.Track.15' } NoRemove CLSID { ForceRemove {F750BC9F-72CE-45C6-9D1F-BFEFB0765918} = s 'Track Class' { ProgID = s 'StarBurnX.Track.15' VersionIndependentProgID = s 'StarBurnX.Track' ForceRemove 'Programmable' InprocServer32 = s 'C:\Program Files\CDBurnerXP\StarBurnX15.dll' { val ThreadingModel = s 'Free' } 'TypeLib' = s '{93CBA48A-1C58-4648-B22D-8F3588CB8D95}' 'Version' = s '15.0' } } }
regsvr32.exe
HKCR { StarBurnX.Track.15 = s 'Track Class' { CLSID = s '{F750BC9F-72CE-45C6-9D1F-BFEFB0765918}' } StarBurnX.Track = s 'Track Class' { CLSID = s '{F750BC9F-72CE-45C6-9D1F-BFEFB0765918}' CurVer = s 'StarBurnX.Track.15' } NoRemove CLSID { ForceRemove {F750BC9F-72CE-45C6-9D1F-BFEFB0765918} = s 'Track Class' { ProgID = s 'StarBurnX.Track.15' VersionIndependentProgID = s 'StarBurnX.Track' ForceRemove 'Programmable' InprocServer32 = s 'C:\Program Files\CDBurnerXP\StarBurnX15.dll' { val ThreadingModel = s 'Free' } 'TypeLib' = s '{93CBA48A-1C58-4648-B22D-8F3588CB8D95}' 'Version' = s '15.0' } } }