ThreatExpert Report: Trojan.Win32.VB.fes, Mal/Heuri-E, Mal/Emogen-N, Mal/Emogen-F..

Visit ThreatExpert web site

Close Report

Submission Summary:

Submission details:

Submission received: 16 September 2008, 14:21:23
Processing time: 5 min 31 sec
Submitted sample:

File MD5: 0xB95B7938FE5856D3667BDAE45D06756B
File SHA-1: 0x5FD50227DC64E412233376C71CCC4440A05939C0
Filesize: 48,345 bytes
Alias:

Trojan.Win32.VB.fes [Kaspersky Lab]
Mal/Heuri-E, Mal/Emogen-N, Mal/Emogen-F [Sophos]

Summary of the findings:

What's been found	Severity Level
Downloads/requests other files from Internet.
Packed with a packer that is known to be used by malware (e.g. to complicate threat analysis or detection).
Contains characteristics of an identified security risk.

Technical Details:

Possible Security Risk

Attention! The following threat category was identified:

Threat Category	Description
	A malicious trojan horse or bot that may represent security risk for the compromised system and/or its network environment

File System Modifications

The following files were created in the system:

#	Filename(s)	File Size	File Hash	Alias
1	%System%\kill.bat	114 bytes	MD5: 0x0A1FA1306E6A816B1C05052FA4A8A52A SHA-1: 0x402F6C1380D051AC60EB31427B15B4EE50E604C5	(not available)
2	[file and pathname of the sample #1]	48,345 bytes	MD5: 0xB95B7938FE5856D3667BDAE45D06756B SHA-1: 0x5FD50227DC64E412233376C71CCC4440A05939C0	Trojan.Win32.VB.fes [Kaspersky Lab] Mal/Heuri-E, Mal/Emogen-N, Mal/Emogen-F [Sophos]

Note:

%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).

Memory Modifications

There was a new process created in the system:

Process Name	Process Filename	Main Module Size
[filename of the sample #1]	[file and pathname of the sample #1]	155,648 bytes

The following system services were modified:

Service Name	Display Name	New Status	Service Filename
ALG	Application Layer Gateway Service	"Stopped"	%System%\alg.exe
SharedAccess	Windows Firewall/Internet Connection Sharing (ICS)	"Stopped"	%System%\svchost.exe -k netsvcs

Other details

Analysis of the file resources indicate the following possible country of origin:

China

The following Host Name was requested from a host database:

192.168.1.164

The following Internet downloads were started (the retrieved bits are saved into the local file):

URL to be downloaded	Filename for the downloaded bits
http://www.ngddzj.cn/adsmxi22/uu.mdb	%AllUsersProfile%\??????\??\??\Explorev.exe
http://www.ngddzj.cn/adsmxi22/mxi22.mdb	%Windir%\STM.EXE
http://www.ngddzj.cn/adsmxi22/skep.mdb	%FontsDir%\sviss.exe
http://www.ngddzj.cn/adsmxi22/ad7731.mdb	%ProgramFiles%\Internet Explorer\ad7731.exe
http://www.ngddzj.cn/adsmxi22/yuanc1.mdb	%ProgramFiles%\Internet Explorer\Connection Wizard\miosym.exe
http://www.ngddzj.cn/adsmxi22/yuanc2.mdb	%Windir%\miosym.exe
http://www.ngddzj.cn/adsmxi22/yuanc3.mdb	%Windir%\Media\miosym.exe
http://www.ngddzj.cn/adsmxi22/yuanc4.mdb	%System%\Com\miosym.exe
http://www.ngddzj.cn/adsmxi22/yuanc5.mdb	%System%\Setup\miosym.exe
http://www.ngddzj.cn/adsmxi22/yuanc6.mdb	%ProgramFiles%\Internet Explorer\miosym.exe
http://www.ngddzj.cn/adsmxi22/yuanc7.mdb	%Windir%\Web\miosym.exe
http://www.ngddzj.cn/adsmxi22/yuanc8.mdb	%Windir%\system\miosym.exe
http://www.ngddzj.cn/adsmxi22/yuanc9.mdb	%FontsDir%\miosym.exe

Notes:

%AllUsersProfile% is a variable that specifies the all users' profile folder. By default, this is C:\Documents and Settings\All Users (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.
%FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.

Downloaded File Summary:

Download details:

Download retrieved: 16 September 2008 14:48:21
Processing time: 6 min 26 sec
Downloaded sample #1:

File MD5: 0x9233E5860910D3F0E9910F94C5134074
File SHA-1: 0x4687B13E7D478664AE4D6BFA151AA667CD2B23A7
Filesize: 3,173 bytes
Alias:

Trojan-Clicker.Win32.VB.ccv [Kaspersky Lab]
Generic.dx [McAfee]
Mal/Packer [Sophos]

Downloaded sample #2:

File MD5: 0x1B7E5B9ED9E81867724C40E5D8CB475E
File SHA-1: 0x60C9985097174C3465956E2CDFD78A5CB57905A9
Filesize: 41,409 bytes
Alias: Mal/TibsPk-A [Sophos]

Downloaded sample #3:

File MD5: 0x0C38C4C8C4F3C14169487B2295851D71
File SHA-1: 0x5D4A1519D98D33E7C83B6509F948BA21974B2765
Filesize: 32,768 bytes
Alias:

Trojan.VB!sd6 [PCTools]
Trojan Horse [Symantec]
Trojan.Win32.VB.etd [Kaspersky Lab]
W32/Generic.d [McAfee]
Mal/Behav-216 [Sophos]
Worm:Win32/Autorun.FA [Microsoft]

Summary of the findings:

What's been found	Severity Level
Downloads/requests other files from Internet.
Creates a startup registry entry.
Packed with a packer that is known to be used by malware (e.g. to complicate threat analysis or detection).
Contains characteristics of an identified security risk.

Technical Details:

Possible Security Risk

Attention! Characteristics of the following security risks were identified in the system:

Security Risk	Description
Trojan.Startpage!sd6	Trojan.Startpage!sd6 is a malicious program that does not infect other files but may represents security risk for your computer and/or network environment.
Trojan.VB!sd6	Trojan.VB!sd6 is a malicious program that does not infect other files but may represents security risk for your computer and/or network environment.

Attention! The following threat categories were identified:

Threat Category	Description
	A malicious trojan horse or bot that may represent security risk for the compromised system and/or its network environment
	A program that downloads files to the local computer that may represent security risk

File System Modifications

The following files were created in the system:

#	Filename(s)	File Size	File Hash	Alias
1	%FontsDir%\1.ho	1 bytes	MD5: 0xC4CA4238A0B923820DCC509A6F75849B SHA-1: 0x356A192B7913B04C54574D18C28D46E6395428AB	(not available)
2	%FontsDir%\smvs.exe	82,432 bytes	MD5: 0x28A4870CC2C24C326877B3C9B47CA502 SHA-1: 0xE6F3EC6969D1CC6B663003A5000CBC3CF4E9270E	W32/Autorun.worm.b [McAfee] Troj/Qhost-O [Sophos] Trojan:Win32/Qhost.V [Microsoft]
3	%FontsDir%\svchost.exe	12,288 bytes	MD5: 0x8FB18E8BFE3035F3850BEC26397D4D5A SHA-1: 0xDA62A44F88F1277D7AA3241FAE20FC7EB5175E15	Trojan.Startpage!sd6 [PCTools] Trojan.Startpage [Symantec] Trojan-Downloader.Win32.Adload.aml [Kaspersky Lab] Downloader.gen.a [McAfee] TROJ_STARTPA.LR [Trend Micro]
4	%FontsDir%\uccdate.exe	14,469 bytes	MD5: 0x80874DD4284001645413CCB46664FE59 SHA-1: 0x97882569A670C25ACF058AA0A21FBC9369F6F692	Mal/Heuri-E, Mal/Emogen-N [Sophos]
5	%System%\kill.bat	114 bytes	MD5: 0xAFA8D687DB355AC9D6364C42ED7E86B0 SHA-1: 0x13E76CAC3C080D5E2C0A9E0091AEB3D58F5A1313	(not available)
6	[file and pathname of the sample #1]	3,173 bytes	MD5: 0x9233E5860910D3F0E9910F94C5134074 SHA-1: 0x4687B13E7D478664AE4D6BFA151AA667CD2B23A7	Trojan-Clicker.Win32.VB.ccv [Kaspersky Lab] Generic.dx [McAfee] Mal/Packer [Sophos]
7	[file and pathname of the sample #2]	41,409 bytes	MD5: 0x1B7E5B9ED9E81867724C40E5D8CB475E SHA-1: 0x60C9985097174C3465956E2CDFD78A5CB57905A9	Mal/TibsPk-A [Sophos]
8	[file and pathname of the sample #3]	32,768 bytes	MD5: 0x0C38C4C8C4F3C14169487B2295851D71 SHA-1: 0x5D4A1519D98D33E7C83B6509F948BA21974B2765	Trojan.VB!sd6 [PCTools] Trojan Horse [Symantec] Trojan.Win32.VB.etd [Kaspersky Lab] W32/Generic.d [McAfee] Mal/Behav-216 [Sophos] Worm:Win32/Autorun.FA [Microsoft]

Notes:

%FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).

Memory Modifications

There were new processes created in the system:

Process Name	Process Filename	Main Module Size
[filename of the sample #1]	[file and pathname of the sample #1]	24,576 bytes
smvs.exe	%FontsDir%\smvs.exe	94,208 bytes
svchost.exe	%FontsDir%\svchost.exe	12,288 bytes
uccdate.exe	%FontsDir%\uccdate.exe	73,728 bytes
[filename of the sample #2]	[file and pathname of the sample #2]	147,456 bytes
[filename of the sample #3]	[file and pathname of the sample #3]	32,768 bytes

The following system services were modified:

Service Name	Display Name	New Status	Service Filename
ALG	Application Layer Gateway Service	"Stopped"	%System%\alg.exe
SharedAccess	Windows Firewall/Internet Connection Sharing (ICS)	"Stopped"	%System%\svchost.exe -k netsvcs

Registry Modifications

The newly created Registry Value is:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

svchost = "%FontsDir%\svchost.exe"
smvs = "%FontsDir%\smvs.exe"

so that svchost.exe runs every time Windows starts

so that smvs.exe runs every time Windows starts

The following Registry Value was modified:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

Start Page = "http://www.31fa.com"

Other details

Analysis of the file resources indicate the following possible country of origin:

China

The following Host Name was requested from a host database:

192.168.1.164

The following Internet downloads were started (the retrieved bits are saved into the local file):

URL to be downloaded	Filename for the downloaded bits
http://down.1024tb.com/download/3s/UUSEE_dazhong1_Setup_813108.exe	%Windir%\Tasks\UUSEE_dazhong1_Setup_813108.exe
http://down.1024tb.com/download/3s/UUSEE_dazhong1_Setup_813059.exe	%Windir%\Tasks\UUSEE_dazhong1_Setup_813059.exe
http://down.1024tb.com/download/3s/UUSEE_dazhong1_Setup_812527.exe	%Windir%\Tasks\UUSEE_dazhong1_Setup_812527.exe

Notes:

%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.

Downloaded Files Summary (Generation #2):

Download details:

Download retrieved: 16 September 2008 15:01:20
Processing time: 6 min 22 sec
Downloaded sample:

File MD5: 0x80A7D0BDA4ECD9AF93002C4C3CDA726F
File SHA-1: 0x51369F42740568E11D73924A8A54340B387D1325
Filesize: 4,300,664 bytes

Summary of the findings:

What's been found	Severity Level
Registers a 32-bit in-process server DLL.

Technical Details:

The new window was created, as shown below:

NOTICE: The content shown in the above window is captured automatically and is not controlled or endorsed by ThreatExpert.
Please contact us on this link should any material be offensive or inappropriate and we will ensure any such content is blocked from future viewers of the report.

File System Modifications

The following files were created in the system:

#	Filename(s)	File Size	File Hash
1	%CommonDesktopDir%\UUSee ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½.lnk %CommonStartMenu%\UUSee ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½.lnk	702 bytes	MD5: 0x9BF7805B10F554A9181A2436A6EC6EE3 SHA-1: 0x5850E53BAC9EF035837F93D21680A7171AFD1833
2	%CommonDesktopDir%\ï¿½é¿´UUSeeï¿½ï¿½ï¿½ï¿½ï¿½ï¿½Ó½ï¿½Ä¿ï¿½ï¿½.lnk	687 bytes	MD5: 0xCF99314CB89340336E9320A94C9DA585 SHA-1: 0xDBE533D9F1E8A56541A909980E393D6A8283CA22
3	%CommonPrograms%\UUSee ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½\ï¿½é¿´UUSeeï¿½ï¿½ï¿½ï¿½ï¿½ï¿½Ó½ï¿½Ä¿ï¿½ï¿½.lnk	699 bytes	MD5: 0x66B37A14962D8A0B4D61CC173E6EB8E8 SHA-1: 0x3BF4C9D70D682D7BA85F3DD71738CE9C816D63EF
4	%CommonPrograms%\UUSee ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½\ï¿½ï¿½ï¿½ï¿½UUSee ï¿½ï¿½Õ¾.lnk	680 bytes	MD5: 0xF08FF105119F1ED75E3FB034E64C300D SHA-1: 0x619D99086F4EB78C26B2F10FD62CFB53FC206BBF
5	%CommonPrograms%\UUSee ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½\ï¿½ï¿½ï¿½UUSee ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½.lnk	714 bytes	MD5: 0xCC1F4E7C128DF09A22B6451DCCEF3C4E SHA-1: 0x4774DCB673886AB2A85E63B6622709ED783D322B
6	%CommonPrograms%\UUSee ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½\Ð¶ï¿½ï¿½UUSee ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½.lnk	714 bytes	MD5: 0xDD8313909EEA41BA442CC654D4196C29 SHA-1: 0xB601977E5E51B32BEBEBD83C8B80A31CBAE3F15E
7	%ProgramFiles%\Common Files\uusee\check_cmd.exe	140,616 bytes	MD5: 0x30DD09477E5766C73AA1DB789C18AA90 SHA-1: 0x474B00E11A8137AE24303F685FC363985E0A293E
8	%ProgramFiles%\Common Files\uusee\CoCode.dll	51,976 bytes	MD5: 0x210398CED06A9885DDB57E9356B806F4 SHA-1: 0xB07565C07AF5D40C8B6631C200875CBAFC81A611
9	%ProgramFiles%\Common Files\uusee\download.dll	111,944 bytes	MD5: 0xCCB594FC1508FC559F5343FD3AEE01AD SHA-1: 0x2B4751507D2F2834AD56DCE190FA6E633E072D18
10	%ProgramFiles%\Common Files\uusee\in_net.dll	939,336 bytes	MD5: 0xA6D5B830E10574DBBA91469B5C1ABEB4 SHA-1: 0xEBE2A5C7DD5A9004698013CD4FD3795A76724863
11	%ProgramFiles%\Common Files\uusee\MediaCenter.ini	758 bytes	MD5: 0x3E35270888501177BB1E88053902BD75 SHA-1: 0x0D970B703D448CA0A92991360BA3E1B0FCD8FE93
12	%ProgramFiles%\Common Files\uusee\out_mmshttp.dll	204,616 bytes	MD5: 0x91CDFC7ECB7B52049CFC13C659335FCC SHA-1: 0x7F2A153E9235FA1079070C7AAB7BC056DEC5F90F
13	%ProgramFiles%\Common Files\uusee\review\bf_bg.gif	197 bytes	MD5: 0x631BF68758C8B1BC0767D59DFBF42126 SHA-1: 0xBBC6DBFC8CCED31CA8525D844325A3CA05BF66CA
14	%ProgramFiles%\Common Files\uusee\review\local.htm	10,259 bytes	MD5: 0xDCFE1235296FAB5BAB9498E2710CB853 SHA-1: 0xB4D6FE1D50521498D69C8B3689C3EB7435461AF2
15	%ProgramFiles%\Common Files\uusee\review\skin1_bufferbar.gif	108 bytes	MD5: 0x8322F20B0807E114D47B33E37F18832A SHA-1: 0x6334D669B4A2558C9DE49D370950442A8DEDE3F0
16	%ProgramFiles%\Common Files\uusee\review\skin1_bufferbg0.gif	50 bytes	MD5: 0xF4B59DA2677FACB2C905E3E40F7BF026 SHA-1: 0xD9E7611BE2D1F6CCA82F49787D5FC61934A5F045
17	%ProgramFiles%\Common Files\uusee\review\skin1_bufferbg1.gif	63 bytes	MD5: 0xDE4DCBCFA02D5F874E6A74BA1E98128B SHA-1: 0x6311920092BC7D6F5707931655F5029A1017618C
18	%ProgramFiles%\Common Files\uusee\review\skin_fullscreen.gif	173 bytes	MD5: 0xD31CBE41C8367407F613F88982A8C866 SHA-1: 0xFA48FFA17DF00597395B4A249353ABF4D49D95BF
19	%ProgramFiles%\Common Files\uusee\review\skin_mute.gif	621 bytes	MD5: 0xA61842CF1560FF67F0EDC71C1D88D0FE SHA-1: 0xF65C4D332B4E9F6660ACC0B54D068998DED955D1
20	%ProgramFiles%\Common Files\uusee\review\skin_pause.gif	853 bytes	MD5: 0xB1BFF77B371C0EEAF859B98F7423D8FE SHA-1: 0xD14E98EF9B485B93FE466735F1D171CD5ABFCA18
21	%ProgramFiles%\Common Files\uusee\review\skin_play.gif	1,110 bytes	MD5: 0x0181A4B93ECBDB7942332A78DBF54446 SHA-1: 0x23BCAE621B75D59AC7C9CFF363D93BC60335195B
22	%ProgramFiles%\Common Files\uusee\review\skin_qback.gif	564 bytes	MD5: 0x4135949E152CEFA202646CD2BCCBE773 SHA-1: 0xE8E1AB2DDFB7A673FFDD60FE86B541031FB89B89
23	%ProgramFiles%\Common Files\uusee\review\skin_qnext.gif	563 bytes	MD5: 0x75912E386DCBA9C33D5FD99C0D941927 SHA-1: 0xF895AD4738B04EA8E896CF0A49352ED7FDA199ED
24	%ProgramFiles%\Common Files\uusee\review\skin_share.gif	788 bytes	MD5: 0x5F219403456E1E7306FAB88A48A59C22 SHA-1: 0xE6E93BE77E03E2A767604A588E299996B6D066EB
25	%ProgramFiles%\Common Files\uusee\review\skin_stop.gif	152 bytes	MD5: 0xF2772DD293CECE6BD6512BC136A1E566 SHA-1: 0xC77891371CA84ED4332EA6D68FF9E8816728CC18
26	%ProgramFiles%\Common Files\uusee\review\skin_volume.gif	393 bytes	MD5: 0x3592CC1318F5CF6118A6AB06FCA887E9 SHA-1: 0x482941A65BF22061CB8883E8AA784579FA41A630
27	%ProgramFiles%\Common Files\uusee\review\skin_volumebar.gif	82 bytes	MD5: 0xBE7F3F44BD7274E68B1B406AAA803FEF SHA-1: 0xAC691DB5DC4FEB39AB69E9C2E79ECC938E469B38
28	%ProgramFiles%\Common Files\uusee\review\skin_volumebarbg.gif	189 bytes	MD5: 0x1D9EF8DEDDC937B51CD73E5339889DD1 SHA-1: 0x6733F4E4F3867DA9E47EA7C6C642B46583ACDE92
29	%ProgramFiles%\Common Files\uusee\review\skin_volumebarbg2.gif	256 bytes	MD5: 0xDCB4D006F60D57335F09555500152729 SHA-1: 0xE8E6298C3FF76D58B1F7FFB1806D502672256F5E
30	%ProgramFiles%\Common Files\uusee\rmsp011.ax	427,336 bytes	MD5: 0x860F5E6D9638EF3C3F4CEB2AFA5F3F92 SHA-1: 0x783EBF7563822FE3E3E446671794B2A2E8885CFA
31	%ProgramFiles%\Common Files\uusee\seeplayer.ocx	800,072 bytes	MD5: 0x1D3E62D596CC322C276330931B879599 SHA-1: 0xDBBF46D9B3DA1431367B5634ADA9EBDAA2E82B83
32	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\About_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\About.bmp	35,192 bytes	MD5: 0x388693A749FDA4E29D01840975A7C206 SHA-1: 0x229660EFEF52F4658F979F9C8CF9E8E0BA0E04C9
33	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Ctrl_CheckBox_1_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Ctrl_CheckBox_1.bmp	1,256 bytes	MD5: 0x964A5132B89734CAADED4D81C7819792 SHA-1: 0x56C29F2FA975AB8BB398795A3D6C25B32B134609
34	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Ctrl_CheckBox_2_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Ctrl_CheckBox_2.bmp	1,256 bytes	MD5: 0xFCC766E10FA1F81627FCEAC03F8CB979 SHA-1: 0xAEEFAE79311EA7A16034D52CF3F7E0C2A611E4C6
35	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Ctrl_CheckBox_3_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Ctrl_CheckBox_3.bmp	1,256 bytes	MD5: 0xEBB3D921CC4E976F5232EBEB1B1351B3 SHA-1: 0x11FF887DD01E797F74CE65F6BDA5CE333B22B600
36	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Ctrl_CheckBox_4_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Ctrl_CheckBox_4.bmp	1,256 bytes	MD5: 0xCD19469ED15974EA20C3121B9E79A603 SHA-1: 0x1F14E7FB9E6F65815DA52C55B98D8330058E22EA
37	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Ctrl_CheckBox_C1_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Ctrl_CheckBox_C1.bmp	1,256 bytes	MD5: 0xC3992781D1C8B1C1B368C255BB743D16 SHA-1: 0x5BAE16E4992FB0AAC2F27A9E72FDBC4A4F560C8A
38	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Ctrl_CheckBox_C2_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Ctrl_CheckBox_C2.bmp	1,256 bytes	MD5: 0x13C8811C82B94AAE8A2C65F0FA3DF9C9 SHA-1: 0xB548E397CFD69272174ECD788D300DE62BB7D478
39	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Ctrl_CheckBox_C3_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Ctrl_CheckBox_C3.bmp	1,256 bytes	MD5: 0x62693A431C95EC76427FB27306DDDDC2 SHA-1: 0x5C89FD07213F734FED4276217ADF6623998EF395
40	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Ctrl_CheckBox_C4_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Ctrl_CheckBox_C4.bmp	1,256 bytes	MD5: 0xB38F0BA3A55D41B2130770A2A711CC5E SHA-1: 0x5CC5AB0C111595D2E80FBE5B8D13E0CF847F98D9
41	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Ctrl_ComboBox_1_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Ctrl_ComboBox_1.bmp	2,632 bytes	MD5: 0xCF798FF311A2F21846CAF1760A885696 SHA-1: 0xFD8E8553E1C37F713F6A597C7342208EB4EF4DC2
42	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Ctrl_ComboBox_2_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Ctrl_ComboBox_2.bmp	2,632 bytes	MD5: 0xB245AB2BE923BEE0837FB959B682DB7D SHA-1: 0xBBF31597731EB9A92464989E9BE008F5C40E99E4
43	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Ctrl_ComboBox_3_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Ctrl_ComboBox_3.bmp	2,632 bytes	MD5: 0xE0EE700CA8BBFABE5088E506870FCF5A SHA-1: 0x44A9A9B0A948C91216F2BA39D27F8CA912B9DFDC
44	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Ctrl_ComboBox_4_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Ctrl_ComboBox_4.bmp	2,632 bytes	MD5: 0xABC9ADB36979D2EB3AD3E4C8D5C25A81 SHA-1: 0xE705B61E27A171EE9D56A9A695E0BA01B65C61F8
45	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Ctrl_Edit_1_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Ctrl_Edit_1.bmp	1,062 bytes	MD5: 0x45C060F6D8936004F5059A46152C35E8 SHA-1: 0x7FD0E1DE7A3605789ACB474ECDB7B7D0D94A3373
46	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Ctrl_Edit_4_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Ctrl_Edit_4.bmp	1,062 bytes	MD5: 0x6FCD3ED1D684272382775F37453867A7 SHA-1: 0xD81E700570284C32AC7A17F61E0D783FF7D4E13F
47	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Ctrl_PushButton_1_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Ctrl_PushButton_1.bmp	1,556 bytes	MD5: 0x3F4A34CD8E7898CE7C514B47DB599822 SHA-1: 0xB2F1BCCC8FBE9B82D50E9C9FBC135803EEEAE100
48	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Ctrl_PushButton_2_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Ctrl_PushButton_2.bmp	1,556 bytes	MD5: 0xB3D87229E27D0142E007718CAAA11FAF SHA-1: 0x97C6BCA8CFAC5B99764E3BDF09E48965E441641C
49	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Ctrl_PushButton_3_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Ctrl_PushButton_3.bmp	1,556 bytes	MD5: 0xACD91864CF2A45599CB3CCA223187CAF SHA-1: 0x12AA56C7A5783BE7BAB8746FAA1AAD8469C5FB60
50	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Ctrl_PushButton_4_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Ctrl_PushButton_4.bmp	1,556 bytes	MD5: 0xEA666C6F0E180B34FFB1A52580EBC68B SHA-1: 0x94EAE2A2E5E719EF41BBD32350BACD151143C3E6
51	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Ctrl_RadioButton_1_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Ctrl_RadioButton_1.bmp	1,256 bytes	MD5: 0xAA173F564663A6947A21AC96E15B0E70 SHA-1: 0x079E398520630808A7F51D984C879A94ABA3A367
52	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Ctrl_RadioButton_2_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Ctrl_RadioButton_2.bmp	1,256 bytes	MD5: 0x362902FC16F29808A1362418E3877E1F SHA-1: 0x5C2E33B26446096A6272C011C632EC6674CDAF6E
53	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Ctrl_RadioButton_3_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Ctrl_RadioButton_3.bmp	1,256 bytes	MD5: 0xC65ABB9A14984C3F366D30F7123B747B SHA-1: 0xAC9BA203C5BC66A4F25A66791F48CC08FB0DDE45
54	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Ctrl_RadioButton_4_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Ctrl_RadioButton_4.bmp	1,256 bytes	MD5: 0x6BE405C445219E782C010E0D3B356D20 SHA-1: 0xFDC1D4B4D256D6C98B94B665F7C42BC73CE9B324
55	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Ctrl_RadioButton_C1_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Ctrl_RadioButton_C1.bmp	1,256 bytes	MD5: 0x13058CD7809B9F95E97283E87E0C34A7 SHA-1: 0xD975AA253FFE36E85EE0AD5F9BEBBA3276350F5C
56	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Ctrl_RadioButton_C2_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Ctrl_RadioButton_C2.bmp	1,256 bytes	MD5: 0x62AC93C23510DCBFD98256A3B73EF012 SHA-1: 0x26A1C458A31B780D76EAABAA1C1A2FDE3B231381
57	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Ctrl_RadioButton_C3_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Ctrl_RadioButton_C3.bmp	1,256 bytes	MD5: 0x19CDC57C1DA8CBB35D87A80B09DC62D6 SHA-1: 0x5D90B2BB5ED481DC09E061992AAC4AC9513F9C73
58	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Ctrl_RadioButton_C4_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Ctrl_RadioButton_C4.bmp	1,256 bytes	MD5: 0x5147443FD67366FDB2A91E09DD18B258 SHA-1: 0xC7BAEDC594B143580EFB3853B798308371D3ED75
59	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Dlg_Back_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Dlg_Back.bmp	360,054 bytes	MD5: 0x2F258CE4BCEC93D9DD59F13B174F5376 SHA-1: 0xEFAB182F7134002012303839B628077A164CDD7A
60	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Dlg_Detect_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Dlg_Detect.bmp	370,854 bytes	MD5: 0xA6F50D53D88DA697F45DC1B0507BDA17 SHA-1: 0x98BDBB052B87D162DF52BFA4451DC6D721BD5E60
61	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Dlg_Frame_1_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Dlg_Frame_1.bmp	40,040 bytes	MD5: 0xE991065A895124738185E875DA0DE2A5 SHA-1: 0x5BD176FFE95871CBA833B93E813F4D42C2D9E945
62	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Dlg_Frame_2_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Dlg_Frame_2.bmp	40,040 bytes	MD5: 0x95BFD44F9FDD02208B7E258C92E1CF79 SHA-1: 0x78455EDFF5ACD354AA76AC728A0D04864CF0C8B2
63	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Dlg_Frame_3_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Dlg_Frame_3.bmp	40,040 bytes	MD5: 0x8A4EC4C1C5EDA33E2848F5E3D55C669D SHA-1: 0x4CDB5AF6E3F283355A62DF98B7C5CBC245AFF34C
64	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Icon_Information_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Icon_Information.bmp	3,126 bytes	MD5: 0x7A44DF7CA08A748C966AF8F19DFD00E6 SHA-1: 0x79A5B3EF66F23372B9DAE6BFDFD14285D0032BA6
65	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Icon_Question_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Icon_Question.bmp	3,126 bytes	MD5: 0xE325B980F25D1CFC95E9FE174DEFF13F SHA-1: 0x36B9D77D43C116FA05562C37D3907595D4387F01
66	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Icon_Stop_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Icon_Stop.bmp	3,126 bytes	MD5: 0x23154AB8B865A44C9D7124A4514FA4E5 SHA-1: 0x170605EC16032B08F06F654995DE5571D198E8A5
67	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\ListHeader_1_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\ListHeader_1.bmp	1,254 bytes	MD5: 0x573682E231E62ADBA9EEE1BDAE1278CE SHA-1: 0xA4B1CF810B088A23DCAECDE5CE9147CC794A1F93
68	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\ListHeader_2_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\ListHeader_2.bmp	1,254 bytes	MD5: 0xDBDA86446771D1923A3F7FB84E850FAC SHA-1: 0xE00CCA68C6BADAABCF4FD8D0B60A7B5BB2EBD749
69	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\ListHeader_3_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\ListHeader_3.bmp	1,254 bytes	MD5: 0x5F527AE99F498E87F83C37F2065B86A5 SHA-1: 0x5A3F564C3374C0C71AEFFDD68E84A97A3DF7B854
70	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\ListHeader_ArrowD_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\ListHeader_ArrowD.bmp	630 bytes	MD5: 0x3B1F3549A09DA464E84BDBEEEBC94395 SHA-1: 0xEDB13D2676406C33BE00E8DCA90EA08B513A18CB
71	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\ListHeader_ArrowU_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\ListHeader_ArrowU.bmp	630 bytes	MD5: 0x794FE5690D9261458A0F4688E416719B SHA-1: 0xA37F40BDAE2E52D775EDA8E1EE167698E18A53C4
72	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\ListHeader_SP_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\ListHeader_SP.bmp	294 bytes	MD5: 0xD7A1D5139C846995E950813D4993635C SHA-1: 0x655215561B064BCAF28628CC92FD9AF6D59DF56F
73	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Resource.h %ProgramFiles%\Common Files\uusee\skins\UUPlayer\Resource_Engine.h	4,255 bytes	MD5: 0x12F9325ED13880C23DEA4768F2F4A88F SHA-1: 0xC1368A3AE0938F8DBF73B7B0640E9274AAFA113D
74	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Setting_Group_1_1_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Setting_Group_1_1.bmp	7,456 bytes	MD5: 0xA60DBD85F77C1857D548E3BCDE93A5D2 SHA-1: 0xBDC30E47A3E73AED8E378BFECC5C188D703FDAE5
75	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Setting_Group_1_2_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Setting_Group_1_2.bmp	7,456 bytes	MD5: 0x2F525429EB8C3E18C3893E11425E9C82 SHA-1: 0xA61589F26E1BAB8B1022B72F8CD3397C610AA878
76	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Setting_Group_1_3_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Setting_Group_1_3.bmp	7,456 bytes	MD5: 0x555B8D05E4C290640B985574F5747A25 SHA-1: 0x4D693AC2318AC85B28ECBB49D370A95F145255A4
77	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Setting_Group_2_1_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Setting_Group_2_1.bmp	7,456 bytes	MD5: 0xBF5EF737F6098ACCECF779CB8DF582C0 SHA-1: 0xB4B2A9D4D1F623A6CBA3DB63F9D4241E37A6D3ED
78	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Setting_Group_2_2_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Setting_Group_2_2.bmp	7,456 bytes	MD5: 0xDB0791EB85487F31235D25DFE439458C SHA-1: 0x1C857AC4CF737699711C2AA54CDBFCF95AD9CC73
79	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Setting_Group_2_3_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Setting_Group_2_3.bmp	7,456 bytes	MD5: 0x40987B5613B485412A99A9C0E081FB27 SHA-1: 0xB74E7BECA3B586A990DD3F0FE6C13C32DEB45CDF
80	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Setting_Group_3_1_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Setting_Group_3_1.bmp	7,456 bytes	MD5: 0x85A8644F2B40A286D82F029970B4C7B9 SHA-1: 0x2079B05E6CFD3E5AC261996B2FBC3CE67D75B5BA
81	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Setting_Group_3_2_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Setting_Group_3_2.bmp	7,456 bytes	MD5: 0x9C7DBDBE733B55EC3654279E8A9F9E40 SHA-1: 0x99E1F61A113291DFF32B248CBD02F472671A9743
82	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Setting_Group_3_3_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Setting_Group_3_3.bmp	7,456 bytes	MD5: 0x184BD93DD364DD0EBEE221EA8AC93026 SHA-1: 0x920B89F2B5490C4CA2A885F33E3087E03C756DDD
83	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Setting_Group_4_1_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Setting_Group_4_1.bmp	7,456 bytes	MD5: 0x6014D1C4D9556DF378B9AC0B61E01409 SHA-1: 0x90A5BC9D27FCC2F775FBDD2E16A9BED83C84B577
84	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Setting_Group_4_2_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Setting_Group_4_2.bmp	7,456 bytes	MD5: 0x7C52B0228344514DCB9F626E14A67F1E SHA-1: 0x4A64A26C2D843DC1EE7EB1D1E6EA2DA57A2ADB10
85	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Setting_Group_4_3_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Setting_Group_4_3.bmp	7,456 bytes	MD5: 0x04FC682D2E1C71AE757756F56910F4B9 SHA-1: 0x6726103A4A4B26CFA726A9AF4D1F514283A19F86
86	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Setting_Group_5_1_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Setting_Group_5_1.bmp	7,456 bytes	MD5: 0xDB7E10B4337A8D58B040F9D573F5183B SHA-1: 0x095CD23EC8B34A3B9023711BB8654062ECB3CAE0
87	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Setting_Group_5_2_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Setting_Group_5_2.bmp	7,456 bytes	MD5: 0xCB7A776167968E8E34D451CE062EF23A SHA-1: 0xA3392F6C1D4EC17DF57A6607EB718F0F68889F83
88	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Setting_Group_5_3_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Setting_Group_5_3.bmp	7,456 bytes	MD5: 0xB1F66397FA7205E2BADAD1A1E0E50FA0 SHA-1: 0x01EC15C960DFEE8DDB47785301867EF396F2E7D1
89	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\UUSEE_Engine.ui	117,120 bytes	MD5: 0x2F8B7DB4951D2B1B2324DC3044DF6A2B SHA-1: 0xE2F1C751C4E03B00BEDA2D5CBDEAC4BC365759E1
90	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Wnd_Setting_1_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Wnd_Setting_1.bmp	228,408 bytes	MD5: 0xE543074E0470264229FCA07730FC438B SHA-1: 0x099C9A9D52CD012AE681CF62BB47F2848686C487
91	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Wnd_Setting_2_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Wnd_Setting_2.bmp	228,408 bytes	MD5: 0xD6F90ED66425B5E4AB5B192FA4AF4DDB SHA-1: 0x974DDA0FAFBEA6E263FD9C03AF7C56E14E03BB07
92	%ProgramFiles%\Common Files\uusee\skins\UUPlayer\Wnd_Setting_3_Engine.bmp %ProgramFiles%\uusee\skins\UUPlayer\Wnd_Setting_3.bmp	228,408 bytes	MD5: 0x1B277CB52494E0C59BAD1CFD605EAE52 SHA-1: 0x0A44AC52D499ED6D87AF970CF53A3CA04320232D
93	%ProgramFiles%\Common Files\uusee\trafficlight.dll	382,280 bytes	MD5: 0xBADC48C74D315E704F4A08036BFDCAD7 SHA-1: 0xC3E83661B316D11DB663B50023C5DB12333A968B
94	%ProgramFiles%\Common Files\uusee\UFDeMux.ax	157,000 bytes	MD5: 0xBA4C952C0E2AA1257C19E88732483649 SHA-1: 0x3373DA2D429F78F8047F5D1E8CE9AB292118DD25
95	%ProgramFiles%\Common Files\uusee\UFSource.ax	128,328 bytes	MD5: 0x7610A2FCD11330E8CB1DF63B29C23C38 SHA-1: 0x32CA07301EDE1216843A530D8E3C673FCF20302D
96	%ProgramFiles%\Common Files\uusee\uninst.exe	69,800 bytes	MD5: 0x3AE391817DB37536CA1BC133199BF766 SHA-1: 0x600753944671743B460E7FC4C54F31FEA17C9AF3
97	%ProgramFiles%\Common Files\uusee\UUPlayer.exe	38,216 bytes	MD5: 0x9219E9AF4921A67CB5FE73158940C07D SHA-1: 0x3CCFDA00A93822004E0EF9CBCD06BFC4225CD698
98	%ProgramFiles%\Common Files\uusee\UUPlayer.ocx	38,152 bytes	MD5: 0xC54F2FD55CAC31D4613DB16F3E7BCA76 SHA-1: 0xC7424664BE21E45E9590B3B9EEE379002948E2F0
99	%ProgramFiles%\Common Files\uusee\UUSeeMediaCenter.exe	771,400 bytes	MD5: 0x01B4911651D08DB8B33BF78B57DF29A7 SHA-1: 0x5800F9434433FAFEB191CBDB8467D9B438225E45
100	%ProgramFiles%\Common Files\uusee\uusee_base_path.ini	88 bytes	MD5: 0xBCC05C784ECB5B5BBC00649C06DFF1C3 SHA-1: 0x7044F769D10FD24FBA6232B6C4E89FF9F2A7212F

Notes:

%CommonDesktopDir% is a variable that refers to the file system directory that contains files and folders that appear on the desktop for all users. A typical path is C:\Documents and Settings\All Users\Desktop (Windows NT/2000/XP).
%CommonStartMenu% is a variable that refers to the file system directory that contains the programs and folders that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu (Windows NT/2000/XP).
%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.

The following directories were created:

%CommonPrograms%\UUSee ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½
%ProgramFiles%\Common Files\uusee
%ProgramFiles%\Common Files\uusee\review
%ProgramFiles%\Common Files\uusee\skins
%ProgramFiles%\Common Files\uusee\skins\UUPlayer
%ProgramFiles%\uusee
%ProgramFiles%\uusee\skins
%ProgramFiles%\uusee\skins\UUPlayer

Registry Modifications

The following Registry Keys were created:

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance\{17413BA0-0160-4C1F-BA66-679436BCA89B}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance\{238D0F23-5DC9-45A6-9BE2-666160C324DD}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance\{48CF8992-4161-49D6-9A9B-F1FDB3BAE74D}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance\{765035B3-5944-4A94-806B-20EE3415F26F}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance\{941A4793-A705-4312-8DFC-C11CA05F397E}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance\{E21BE468-5C18-43EB-B0CC-DB93A847D769}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1185448F-CD61-4FD0-A728-F62407D354AA}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1185448F-CD61-4FD0-A728-F62407D354AA}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{17413BA0-0160-4C1F-BA66-679436BCA89B}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{17413BA0-0160-4C1F-BA66-679436BCA89B}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{238D0F23-5DC9-45A6-9BE2-666160C324DD}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{238D0F23-5DC9-45A6-9BE2-666160C324DD}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{28966B43-B5D0-4694-9E79-F5B4099F02D4}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{28966B43-B5D0-4694-9E79-F5B4099F02D4}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2CACD7BB-1C59-4BBB-8E81-6E83F82C813B}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2CACD7BB-1C59-4BBB-8E81-6E83F82C813B}\Control
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2CACD7BB-1C59-4BBB-8E81-6E83F82C813B}\Implemented Categories
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2CACD7BB-1C59-4BBB-8E81-6E83F82C813B}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2CACD7BB-1C59-4BBB-8E81-6E83F82C813B}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2CACD7BB-1C59-4BBB-8E81-6E83F82C813B}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2CACD7BB-1C59-4BBB-8E81-6E83F82C813B}\MiscStatus
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2CACD7BB-1C59-4BBB-8E81-6E83F82C813B}\MiscStatus\1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2CACD7BB-1C59-4BBB-8E81-6E83F82C813B}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2CACD7BB-1C59-4BBB-8E81-6E83F82C813B}\ToolboxBitmap32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2CACD7BB-1C59-4BBB-8E81-6E83F82C813B}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2CACD7BB-1C59-4BBB-8E81-6E83F82C813B}\Version
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48CF8992-4161-49D6-9A9B-F1FDB3BAE74D}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48CF8992-4161-49D6-9A9B-F1FDB3BAE74D}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6C348EAC-3600-45D3-B477-DFEDDFB78472}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6C348EAC-3600-45D3-B477-DFEDDFB78472}\Control
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6C348EAC-3600-45D3-B477-DFEDDFB78472}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6C348EAC-3600-45D3-B477-DFEDDFB78472}\MiscStatus
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6C348EAC-3600-45D3-B477-DFEDDFB78472}\MiscStatus\1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6C348EAC-3600-45D3-B477-DFEDDFB78472}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6C348EAC-3600-45D3-B477-DFEDDFB78472}\ToolboxBitmap32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6C348EAC-3600-45D3-B477-DFEDDFB78472}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6C348EAC-3600-45D3-B477-DFEDDFB78472}\Version
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{765035B3-5944-4A94-806B-20EE3415F26F}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{765035B3-5944-4A94-806B-20EE3415F26F}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77910CD3-5447-4CCB-92DE-35BA8198BE81}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77910CD3-5447-4CCB-92DE-35BA8198BE81}\Control
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77910CD3-5447-4CCB-92DE-35BA8198BE81}\Implemented Categories
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77910CD3-5447-4CCB-92DE-35BA8198BE81}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77910CD3-5447-4CCB-92DE-35BA8198BE81}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77910CD3-5447-4CCB-92DE-35BA8198BE81}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77910CD3-5447-4CCB-92DE-35BA8198BE81}\MiscStatus
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77910CD3-5447-4CCB-92DE-35BA8198BE81}\MiscStatus\1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77910CD3-5447-4CCB-92DE-35BA8198BE81}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77910CD3-5447-4CCB-92DE-35BA8198BE81}\ToolboxBitmap32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77910CD3-5447-4CCB-92DE-35BA8198BE81}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77910CD3-5447-4CCB-92DE-35BA8198BE81}\Version
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{941A4793-A705-4312-8DFC-C11CA05F397E}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{941A4793-A705-4312-8DFC-C11CA05F397E}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{945E37E3-156F-4757-AA1F-CBA338DDFBE9}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{945E37E3-156F-4757-AA1F-CBA338DDFBE9}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E21BE468-5C18-43EB-B0CC-DB93A847D769}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E21BE468-5C18-43EB-B0CC-DB93A847D769}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EAB7A1CC-C77B-45E5-9AC2-AD037D047BCC}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EAB7A1CC-C77B-45E5-9AC2-AD037D047BCC}\Control
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EAB7A1CC-C77B-45E5-9AC2-AD037D047BCC}\Implemented Categories
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EAB7A1CC-C77B-45E5-9AC2-AD037D047BCC}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EAB7A1CC-C77B-45E5-9AC2-AD037D047BCC}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EAB7A1CC-C77B-45E5-9AC2-AD037D047BCC}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EAB7A1CC-C77B-45E5-9AC2-AD037D047BCC}\MiscStatus
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EAB7A1CC-C77B-45E5-9AC2-AD037D047BCC}\MiscStatus\1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EAB7A1CC-C77B-45E5-9AC2-AD037D047BCC}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EAB7A1CC-C77B-45E5-9AC2-AD037D047BCC}\ToolboxBitmap32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EAB7A1CC-C77B-45E5-9AC2-AD037D047BCC}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EAB7A1CC-C77B-45E5-9AC2-AD037D047BCC}\Version
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0E7BAF1-655E-4899-ACD4-10D055414CFB}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0E7BAF1-655E-4899-ACD4-10D055414CFB}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{03536919-5F7D-4506-80DF-144C74CB5B45}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{03536919-5F7D-4506-80DF-144C74CB5B45}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{03536919-5F7D-4506-80DF-144C74CB5B45}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{03536919-5F7D-4506-80DF-144C74CB5B45}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{263BE21D-D834-4971-8097-1F5954995C18}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{263BE21D-D834-4971-8097-1F5954995C18}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{263BE21D-D834-4971-8097-1F5954995C18}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{263BE21D-D834-4971-8097-1F5954995C18}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{56ABD0A3-FEA0-420E-A72C-6D4D7C3DBB2D}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{56ABD0A3-FEA0-420E-A72C-6D4D7C3DBB2D}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{56ABD0A3-FEA0-420E-A72C-6D4D7C3DBB2D}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{56ABD0A3-FEA0-420E-A72C-6D4D7C3DBB2D}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{770B88B4-DCD8-4857-8E82-62C650F58545}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{770B88B4-DCD8-4857-8E82-62C650F58545}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{770B88B4-DCD8-4857-8E82-62C650F58545}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{770B88B4-DCD8-4857-8E82-62C650F58545}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B9587E96-9349-4F58-A7D5-77E53811BDFD}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B9587E96-9349-4F58-A7D5-77E53811BDFD}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B9587E96-9349-4F58-A7D5-77E53811BDFD}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B9587E96-9349-4F58-A7D5-77E53811BDFD}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BE61BB61-0E51-4080-8B6D-8F1FE00ABE38}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BE61BB61-0E51-4080-8B6D-8F1FE00ABE38}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BE61BB61-0E51-4080-8B6D-8F1FE00ABE38}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BE61BB61-0E51-4080-8B6D-8F1FE00ABE38}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E9475D64-4461-4A22-BD58-132AF1D7D565}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E9475D64-4461-4A22-BD58-132AF1D7D565}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E9475D64-4461-4A22-BD58-132AF1D7D565}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E9475D64-4461-4A22-BD58-132AF1D7D565}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F39804DC-F2B5-4E8B-92F1-45F7B5349C4C}

The newly created Registry Values are:

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance\{17413BA0-0160-4C1F-BA66-679436BCA89B}]

FriendlyName = "UUSEE Source"
CLSID = "{17413BA0-0160-4C1F-BA66-679436BCA89B}"
FilterData = 02 00 00 00 00 00 60 00 01 00 00 00 00 00 00 00 30 70 69 33 08 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 30 74 79 33 00 00 00 00 38 00 00 00 48 00 00 00 83 EB 36 E4 4F 52 CE 11 9F 53 00 20 AF 0B A7 70 E8 A0 70 F0 13 B2 E4 47 89 91 25 2

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance\{238D0F23-5DC9-45A6-9BE2-666160C324DD}]

FriendlyName = "RealVideo Decoder"
CLSID = "{238D0F23-5DC9-45A6-9BE2-666160C324DD}"
FilterData = 02 00 00 00 00 00 40 00 02 00 00 00 00 00 00 00 30 70 69 33 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 30 74 79 33 00 00 00 00 90 00 00 00 A0 00 00 00 31 74 79 33 00 00 00 00 90 00 00 00 B0 00 00 00 32 74 79 33 00 00 00 00 90 00 00 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance\{48CF8992-4161-49D6-9A9B-F1FDB3BAE74D}]

FriendlyName = "UUSEE DeMultiplexer"
CLSID = "{48CF8992-4161-49D6-9A9B-F1FDB3BAE74D}"
FilterData = 02 00 00 00 00 00 60 00 02 00 00 00 00 00 00 00 30 70 69 33 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 30 74 79 33 00 00 00 00 60 00 00 00 60 00 00 00 31 70 69 33 08 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 30 74 79 3

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance\{765035B3-5944-4A94-806B-20EE3415F26F}]

FriendlyName = "RealMedia Source"
CLSID = "{765035B3-5944-4A94-806B-20EE3415F26F}"
FilterData = 02 00 00 00 00 00 60 00 00 00 00 00 00 00 00 00

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance\{941A4793-A705-4312-8DFC-C11CA05F397E}]

FriendlyName = "RealAudio Decoder"
CLSID = "{941A4793-A705-4312-8DFC-C11CA05F397E}"
FilterData = 02 00 00 00 00 00 40 00 02 00 00 00 00 00 00 00 30 70 69 33 00 00 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00 00 00 30 74 79 33 00 00 00 00 E0 00 00 00 F0 00 00 00 31 74 79 33 00 00 00 00 E0 00 00 00 00 01 00 00 32 74 79 33 00 00 00 00 E0 00 00 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance\{E21BE468-5C18-43EB-B0CC-DB93A847D769}]

FriendlyName = "RealMedia Splitter"
CLSID = "{E21BE468-5C18-43EB-B0CC-DB93A847D769}"
FilterData = 02 00 00 00 00 00 60 00 02 00 00 00 00 00 00 00 30 70 69 33 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 30 74 79 33 00 00 00 00 50 00 00 00 60 00 00 00 31 70 69 33 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 83 EB 36 E

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1185448F-CD61-4FD0-A728-F62407D354AA}\InprocServer32]

(Default) = "C:\PROGRA~1\COMMON~1\uusee\UUWEBP~1.OCX"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1185448F-CD61-4FD0-A728-F62407D354AA}]

(Default) = "UUWebPlayer Property Page"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{17413BA0-0160-4C1F-BA66-679436BCA89B}\InprocServer32]

(Default) = "%ProgramFiles%\Common Files\uusee\UFSource.ax"
ThreadingModel = "Both"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{17413BA0-0160-4C1F-BA66-679436BCA89B}]

(Default) = "UUSEE Source"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{238D0F23-5DC9-45A6-9BE2-666160C324DD}\InprocServer32]

(Default) = "%ProgramFiles%\Common Files\uusee\rmsp011.ax"
ThreadingModel = "Both"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{238D0F23-5DC9-45A6-9BE2-666160C324DD}]

(Default) = "RealVideo Decoder"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{28966B43-B5D0-4694-9E79-F5B4099F02D4}\InprocServer32]

(Default) = "C:\PROGRA~1\COMMON~1\uusee\UUPlayer.ocx"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{28966B43-B5D0-4694-9E79-F5B4099F02D4}]

(Default) = "UUPlayerOCX Property Page"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2CACD7BB-1C59-4BBB-8E81-6E83F82C813B}\MiscStatus\1]

(Default) = "131473"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2CACD7BB-1C59-4BBB-8E81-6E83F82C813B}\Version]

(Default) = "1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2CACD7BB-1C59-4BBB-8E81-6E83F82C813B}\TypeLib]

(Default) = "{BC85539C-48EA-4222-B6EE-8DA6897175DA}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2CACD7BB-1C59-4BBB-8E81-6E83F82C813B}\ToolboxBitmap32]

(Default) = "C:\PROGRA~1\COMMON~1\uusee\UUUPGR~1.OCX, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2CACD7BB-1C59-4BBB-8E81-6E83F82C813B}\ProgID]

(Default) = "UUUPGRADE.UUUpgradeCtrl.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2CACD7BB-1C59-4BBB-8E81-6E83F82C813B}\MiscStatus]

(Default) = "0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2CACD7BB-1C59-4BBB-8E81-6E83F82C813B}\InprocServer32]

(Default) = "C:\PROGRA~1\COMMON~1\uusee\UUUPGR~1.OCX"
ThreadingModel = "Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2CACD7BB-1C59-4BBB-8E81-6E83F82C813B}\Control]

(Default) = ""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2CACD7BB-1C59-4BBB-8E81-6E83F82C813B}]

(Default) = "UUUpgrade Control"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48CF8992-4161-49D6-9A9B-F1FDB3BAE74D}\InprocServer32]

(Default) = "%ProgramFiles%\Common Files\uusee\UFDeMux.ax"
ThreadingModel = "Both"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48CF8992-4161-49D6-9A9B-F1FDB3BAE74D}]

(Default) = "UUSEE DeMultiplexer"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6C348EAC-3600-45D3-B477-DFEDDFB78472}\MiscStatus\1]

(Default) = "131473"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6C348EAC-3600-45D3-B477-DFEDDFB78472}\Version]

(Default) = "1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6C348EAC-3600-45D3-B477-DFEDDFB78472}\TypeLib]

(Default) = "{34A24C1F-46A0-46B1-92C9-210132D85E60}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6C348EAC-3600-45D3-B477-DFEDDFB78472}\ToolboxBitmap32]

(Default) = "C:\PROGRA~1\COMMON~1\uusee\UUWEBP~1.OCX, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6C348EAC-3600-45D3-B477-DFEDDFB78472}\ProgID]

(Default) = "UUWEBPLAYER.UUWebPlayerCtrl.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6C348EAC-3600-45D3-B477-DFEDDFB78472}\MiscStatus]

(Default) = "0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6C348EAC-3600-45D3-B477-DFEDDFB78472}\InprocServer32]

(Default) = "C:\PROGRA~1\COMMON~1\uusee\UUWEBP~1.OCX"
ThreadingModel = "Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6C348EAC-3600-45D3-B477-DFEDDFB78472}\Control]

(Default) = ""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6C348EAC-3600-45D3-B477-DFEDDFB78472}]

(Default) = "UUWebPlayer Control"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{765035B3-5944-4A94-806B-20EE3415F26F}\InprocServer32]

(Default) = "%ProgramFiles%\Common Files\uusee\rmsp011.ax"
ThreadingModel = "Both"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{765035B3-5944-4A94-806B-20EE3415F26F}]

(Default) = "RealMedia Source"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77910CD3-5447-4CCB-92DE-35BA8198BE81}\MiscStatus\1]

(Default) = "132497"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77910CD3-5447-4CCB-92DE-35BA8198BE81}\Version]

(Default) = "1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77910CD3-5447-4CCB-92DE-35BA8198BE81}\TypeLib]

(Default) = "{41E77C38-9383-404C-BC49-EDF2AEA4E163}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77910CD3-5447-4CCB-92DE-35BA8198BE81}\ToolboxBitmap32]

(Default) = "C:\PROGRA~1\COMMON~1\uusee\UUPlayer.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77910CD3-5447-4CCB-92DE-35BA8198BE81}\ProgID]

(Default) = "UUPLAYEROCX.UUPlayerOCXCtrl.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77910CD3-5447-4CCB-92DE-35BA8198BE81}\MiscStatus]

(Default) = "0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77910CD3-5447-4CCB-92DE-35BA8198BE81}\InprocServer32]

(Default) = "C:\PROGRA~1\COMMON~1\uusee\UUPlayer.ocx"
ThreadingModel = "Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77910CD3-5447-4CCB-92DE-35BA8198BE81}\Control]

(Default) = ""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77910CD3-5447-4CCB-92DE-35BA8198BE81}]

(Default) = "UUPlayerOCX Control"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{941A4793-A705-4312-8DFC-C11CA05F397E}\InprocServer32]

(Default) = "%ProgramFiles%\Common Files\uusee\rmsp011.ax"
ThreadingModel = "Both"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{941A4793-A705-4312-8DFC-C11CA05F397E}]

(Default) = "RealAudio Decoder"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{945E37E3-156F-4757-AA1F-CBA338DDFBE9}\InprocServer32]

(Default) = "C:\PROGRA~1\COMMON~1\uusee\SEEPLA~1.OCX"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{945E37E3-156F-4757-AA1F-CBA338DDFBE9}]

(Default) = "UPlayer Property Page"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E21BE468-5C18-43EB-B0CC-DB93A847D769}\InprocServer32]

(Default) = "%ProgramFiles%\Common Files\uusee\rmsp011.ax"
ThreadingModel = "Both"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E21BE468-5C18-43EB-B0CC-DB93A847D769}]

(Default) = "RealMedia Splitter"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EAB7A1CC-C77B-45E5-9AC2-AD037D047BCC}\MiscStatus\1]

(Default) = "131473"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EAB7A1CC-C77B-45E5-9AC2-AD037D047BCC}\Version]

(Default) = "1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EAB7A1CC-C77B-45E5-9AC2-AD037D047BCC}\TypeLib]

(Default) = "{754EFA30-C752-4F45-8890-6250A53FD512}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EAB7A1CC-C77B-45E5-9AC2-AD037D047BCC}\ToolboxBitmap32]

(Default) = "C:\PROGRA~1\COMMON~1\uusee\SEEPLA~1.OCX, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EAB7A1CC-C77B-45E5-9AC2-AD037D047BCC}\ProgID]

(Default) = "UPLAYER.UPlayerCtrl.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EAB7A1CC-C77B-45E5-9AC2-AD037D047BCC}\MiscStatus]

(Default) = "0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EAB7A1CC-C77B-45E5-9AC2-AD037D047BCC}\InprocServer32]

(Default) = "C:\PROGRA~1\COMMON~1\uusee\SEEPLA~1.OCX"
ThreadingModel = "Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EAB7A1CC-C77B-45E5-9AC2-AD037D047BCC}\Control]

(Default) = ""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EAB7A1CC-C77B-45E5-9AC2-AD037D047BCC}]

(Default) = "UPlayer Control"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0E7BAF1-655E-4899-ACD4-10D055414CFB}\InprocServer32]

(Default) = "C:\PROGRA~1\COMMON~1\uusee\UUUPGR~1.OCX"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0E7BAF1-655E-4899-ACD4-10D055414CFB}]

(Default) = "UUUpgrade Property Page"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{03536919-5F7D-4506-80DF-144C74CB5B45}\TypeLib]

(Default) = "{BC85539C-48EA-4222-B6EE-8DA6897175DA}"
Version = "1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{03536919-5F7D-4506-80DF-144C74CB5B45}\ProxyStubClsid32]

(Default) = "{00020420-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{03536919-5F7D-4506-80DF-144C74CB5B45}\ProxyStubClsid]

(Default) = "{00020420-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{03536919-5F7D-4506-80DF-144C74CB5B45}]

(Default) = "_DUUUpgradeEvents"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{263BE21D-D834-4971-8097-1F5954995C18}\TypeLib]

(Default) = "{34A24C1F-46A0-46B1-92C9-210132D85E60}"
Version = "1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{263BE21D-D834-4971-8097-1F5954995C18}\ProxyStubClsid32]

(Default) = "{00020420-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{263BE21D-D834-4971-8097-1F5954995C18}\ProxyStubClsid]

(Default) = "{00020420-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{263BE21D-D834-4971-8097-1F5954995C18}]

(Default) = "_DUUWebPlayer"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{56ABD0A3-FEA0-420E-A72C-6D4D7C3DBB2D}\TypeLib]

(Default) = "{34A24C1F-46A0-46B1-92C9-210132D85E60}"
Version = "1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{56ABD0A3-FEA0-420E-A72C-6D4D7C3DBB2D}\ProxyStubClsid32]

(Default) = "{00020420-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{56ABD0A3-FEA0-420E-A72C-6D4D7C3DBB2D}\ProxyStubClsid]

(Default) = "{00020420-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{56ABD0A3-FEA0-420E-A72C-6D4D7C3DBB2D}]

(Default) = "_DUUWebPlayerEvents"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{770B88B4-DCD8-4857-8E82-62C650F58545}\TypeLib]

(Default) = "{754EFA30-C752-4F45-8890-6250A53FD512}"

Other details

Analysis of the file resources indicate the following possible country of origin:

China

All content ("Information") contained in this report is the copyrighted work of Threat Expert Ltd and its associated companies ("ThreatExpert") and may not be copied without the express permission of ThreatExpert.

The Information is provided on an "as is" basis. ThreatExpert disclaims all warranties, whether express or implied, to the maximum extent permitted by law, including the implied warranties that the Information is merchantable, of satisfactory quality, accurate, fit for a particular purpose or need, or non-infringing, unless such implied warranties are legally incapable of exclusion. Further, ThreatExpert does not warrant or make any representations regarding the use or the results of the use of the Information in terms of their correctness, accuracy, reliability, or otherwise.