Technical Information
- [<HKLM>\Software\Classes\PROTOCOLS\Handler\vnd.ms.radio] 'CLSID' = '{3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020}'
- [<HKLM>\Software\Classes\vnd.ms.radio\shell\open\command] '' = '"%ProgramFiles%\Windows Media Player\mplayer2.exe" "%L"'
- %TEMP%\is-qphmo.tmp\<File name>.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-rvmem.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-ri59a.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-dt7mm.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-kel2q.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-9p6dn.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-s5dbg.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-a794k.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-ckpni.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-kah0g.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-n430g.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-nvp0n.tmp
- %ProgramFiles(x86)%\aurora media workshop\forceaspi17\win9x\is-qtr31.tmp
- %ProgramFiles(x86)%\aurora media workshop\forceaspi17\win9x\is-bvhkr.tmp
- %ProgramFiles(x86)%\aurora media workshop\forceaspi17\win9x\is-3f7d3.tmp
- %ProgramFiles(x86)%\aurora media workshop\forceaspi17\win9x\is-s8l2m.tmp
- %ProgramFiles(x86)%\aurora media workshop\forceaspi17\win9x\is-a35ru.tmp
- %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winnt\is-m5vsd.tmp
- %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winnt\is-1l8a1.tmp
- %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winnt\is-bqq6a.tmp
- %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winnt\is-ml2d2.tmp
- %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winnt\is-0htd1.tmp
- %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winntdump\is-98641.tmp
- %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winntdump\is-ll2bb.tmp
- %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winntdump\is-15al4.tmp
- %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winntdump\is-ij40c.tmp
- %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winntdump\is-f8prs.tmp
- %ProgramFiles(x86)%\aurora media workshop\forceaspi17\is-8k2lg.tmp
- %ALLUSERSPROFILE%\microsoft\windows\start menu\programs\aurora media workshop\aurora media workshop.lnk
- %ProgramFiles(x86)%\aurora media workshop\nscompat.tlb
- %ProgramFiles(x86)%\aurora media workshop\is-pr620.tmp
- %ProgramFiles(x86)%\aurora media workshop\amcompat.tlb
- %ProgramFiles(x86)%\aurora media workshop\is-70o34.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-ngjpl.tmp
- %TEMP%\is-f4aju.tmp\_isetup\_setup64.tmp
- %TEMP%\is-f4aju.tmp\_isetup\_iscrypt.dll
- %ProgramFiles(x86)%\aurora media workshop\is-8qqbj.tmp
- %WINDIR%\syswow64\is-c82a4.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-hagc1.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-i8u3r.tmp
- %ProgramFiles(x86)%\aurora media workshop\skin\is-mig25.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-i8jtu.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-e31u5.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-jvl9h.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-ir0lh.tmp
- %WINDIR%\syswow64\is-5smht.tmp
- %WINDIR%\syswow64\is-29t10.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-gd2in.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-6h0ah.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-og6tp.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-la9ba.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-mo4h6.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-a0vpq.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-pigt9.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-o4q7p.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-66jql.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-3lig6.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-ktdg5.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-qi4l8.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-dah8t.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-iqked.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-g50q6.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-sil6d.tmp
- %ProgramFiles(x86)%\aurora media workshop\is-15g96.tmp
- %ProgramFiles(x86)%\aurora media workshop\unins000.dat
- from %ProgramFiles(x86)%\aurora media workshop\is-8qqbj.tmp to %ProgramFiles(x86)%\aurora media workshop\unins000.exe
- from %ProgramFiles(x86)%\aurora media workshop\is-ri59a.tmp to %ProgramFiles(x86)%\aurora media workshop\cdrip.dll
- from %ProgramFiles(x86)%\aurora media workshop\is-dt7mm.tmp to %ProgramFiles(x86)%\aurora media workshop\vcdimager.dll
- from %ProgramFiles(x86)%\aurora media workshop\is-kel2q.tmp to %ProgramFiles(x86)%\aurora media workshop\wmaudsdk.dll
- from %ProgramFiles(x86)%\aurora media workshop\is-9p6dn.tmp to %ProgramFiles(x86)%\aurora media workshop\libsnd.dll
- from %ProgramFiles(x86)%\aurora media workshop\is-s5dbg.tmp to %ProgramFiles(x86)%\aurora media workshop\mp3lib.dll
- from %ProgramFiles(x86)%\aurora media workshop\is-a794k.tmp to %ProgramFiles(x86)%\aurora media workshop\msvcrt.dll
- from %ProgramFiles(x86)%\aurora media workshop\is-ckpni.tmp to %ProgramFiles(x86)%\aurora media workshop\msvcr70.dll
- from %ProgramFiles(x86)%\aurora media workshop\is-kah0g.tmp to %ProgramFiles(x86)%\aurora media workshop\msvcr71.dll
- from %ProgramFiles(x86)%\aurora media workshop\is-n430g.tmp to %ProgramFiles(x86)%\aurora media workshop\wmvprofileeditor.ocx
- from %ProgramFiles(x86)%\aurora media workshop\is-nvp0n.tmp to %ProgramFiles(x86)%\aurora media workshop\aspisetup.exe
- from %ProgramFiles(x86)%\aurora media workshop\forceaspi17\win9x\is-qtr31.tmp to %ProgramFiles(x86)%\aurora media workshop\forceaspi17\win9x\apix.vxd
- from %ProgramFiles(x86)%\aurora media workshop\is-la9ba.tmp to %ProgramFiles(x86)%\aurora media workshop\support.ini
- from %ProgramFiles(x86)%\aurora media workshop\forceaspi17\win9x\is-bvhkr.tmp to %ProgramFiles(x86)%\aurora media workshop\forceaspi17\win9x\aspienum.vxd
- from %ProgramFiles(x86)%\aurora media workshop\forceaspi17\win9x\is-s8l2m.tmp to %ProgramFiles(x86)%\aurora media workshop\forceaspi17\win9x\winaspi.dll
- from %ProgramFiles(x86)%\aurora media workshop\forceaspi17\win9x\is-a35ru.tmp to %ProgramFiles(x86)%\aurora media workshop\forceaspi17\win9x\wnaspi32.dll
- from %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winnt\is-m5vsd.tmp to %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winnt\aspi32.sys
- from %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winnt\is-1l8a1.tmp to %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winnt\winaspi.dll
- from %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winnt\is-bqq6a.tmp to %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winnt\winnt.reg
- from %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winnt\is-ml2d2.tmp to %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winnt\wnaspi32.dll
- from %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winnt\is-0htd1.tmp to %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winnt\wowpost.exe
- from %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winntdump\is-98641.tmp to %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winntdump\aspi32.sys
- from %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winntdump\is-ll2bb.tmp to %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winntdump\frcaspi.txt
- from %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winntdump\is-15al4.tmp to %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winntdump\winaspi.dll
- from %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winntdump\is-ij40c.tmp to %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winntdump\wnaspi32.dll
- from %ProgramFiles(x86)%\aurora media workshop\is-pr620.tmp to %ProgramFiles(x86)%\aurora media workshop\viscomimage.dll
- from %ProgramFiles(x86)%\aurora media workshop\is-rvmem.tmp to %ProgramFiles(x86)%\aurora media workshop\vorbis.dll
- from %ProgramFiles(x86)%\aurora media workshop\is-70o34.tmp to %ProgramFiles(x86)%\aurora media workshop\nctaudiovisualization2.dll
- from %ProgramFiles(x86)%\aurora media workshop\is-15g96.tmp to %ProgramFiles(x86)%\aurora media workshop\nctaudiorecord2.dll
- from %ProgramFiles(x86)%\aurora media workshop\is-ngjpl.tmp to %ProgramFiles(x86)%\aurora media workshop\nctaudioplayer2.dll
- from %ProgramFiles(x86)%\aurora media workshop\is-hagc1.tmp to %ProgramFiles(x86)%\aurora media workshop\wmfdist.exe
- from %ProgramFiles(x86)%\aurora media workshop\is-i8u3r.tmp to %ProgramFiles(x86)%\aurora media workshop\aurora media workshop.exe
- from %ProgramFiles(x86)%\aurora media workshop\skin\is-mig25.tmp to %ProgramFiles(x86)%\aurora media workshop\skin\winaqua.smf
- from %ProgramFiles(x86)%\aurora media workshop\is-i8jtu.tmp to %ProgramFiles(x86)%\aurora media workshop\videoedit.ocx
- from %ProgramFiles(x86)%\aurora media workshop\is-e31u5.tmp to %ProgramFiles(x86)%\aurora media workshop\mpeg2dmx.ax
- from %ProgramFiles(x86)%\aurora media workshop\is-jvl9h.tmp to %ProgramFiles(x86)%\aurora media workshop\mpgdec.ax
- from %ProgramFiles(x86)%\aurora media workshop\is-ir0lh.tmp to %ProgramFiles(x86)%\aurora media workshop\skinmagic.dll
- from %WINDIR%\syswow64\is-5smht.tmp to %WINDIR%\syswow64\gdiplus.dll
- from %WINDIR%\syswow64\is-29t10.tmp to %WINDIR%\syswow64\smd.dll
- from %ProgramFiles(x86)%\aurora media workshop\is-gd2in.tmp to %ProgramFiles(x86)%\aurora media workshop\libmpg-1.0.2.dll
- from %ProgramFiles(x86)%\aurora media workshop\is-6h0ah.tmp to %ProgramFiles(x86)%\aurora media workshop\libmcl-4.5.0.dll
- from %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winntdump\is-f8prs.tmp to %ProgramFiles(x86)%\aurora media workshop\forceaspi17\winntdump\wowpost.exe
- from %ProgramFiles(x86)%\aurora media workshop\forceaspi17\win9x\is-3f7d3.tmp to %ProgramFiles(x86)%\aurora media workshop\forceaspi17\win9x\win9x.reg
- from %ProgramFiles(x86)%\aurora media workshop\is-og6tp.tmp to %ProgramFiles(x86)%\aurora media workshop\foxburner.dll
- from %ProgramFiles(x86)%\aurora media workshop\is-a0vpq.tmp to %ProgramFiles(x86)%\aurora media workshop\msdxm.ocx
- from %ProgramFiles(x86)%\aurora media workshop\is-pigt9.tmp to %ProgramFiles(x86)%\aurora media workshop\directencode.dll
- from %ProgramFiles(x86)%\aurora media workshop\is-o4q7p.tmp to %ProgramFiles(x86)%\aurora media workshop\viscomwave.dll
- from %ProgramFiles(x86)%\aurora media workshop\is-66jql.tmp to %ProgramFiles(x86)%\aurora media workshop\lame_enc.dll
- from %ProgramFiles(x86)%\aurora media workshop\is-3lig6.tmp to %ProgramFiles(x86)%\aurora media workshop\help.chm
- from %ProgramFiles(x86)%\aurora media workshop\is-ktdg5.tmp to %ProgramFiles(x86)%\aurora media workshop\tips.txt
- from %ProgramFiles(x86)%\aurora media workshop\is-qi4l8.tmp to %ProgramFiles(x86)%\aurora media workshop\license.txt
- from %ProgramFiles(x86)%\aurora media workshop\is-dah8t.tmp to %ProgramFiles(x86)%\aurora media workshop\readme.txt
- from %ProgramFiles(x86)%\aurora media workshop\is-iqked.tmp to %ProgramFiles(x86)%\aurora media workshop\homepage.url
- from %ProgramFiles(x86)%\aurora media workshop\is-g50q6.tmp to %ProgramFiles(x86)%\aurora media workshop\buynow.url
- from %ProgramFiles(x86)%\aurora media workshop\is-sil6d.tmp to %ProgramFiles(x86)%\aurora media workshop\nctaudiofile2.dll
- from %WINDIR%\syswow64\is-c82a4.tmp to %WINDIR%\syswow64\atl.exe
- from %ProgramFiles(x86)%\aurora media workshop\is-mo4h6.tmp to %ProgramFiles(x86)%\aurora media workshop\setup.ini
- from %ProgramFiles(x86)%\aurora media workshop\forceaspi17\is-8k2lg.tmp to %ProgramFiles(x86)%\aurora media workshop\forceaspi17\installaspi.bat
- ClassName: 'nuewduwbfbeuibewbf' WindowName: ''
- '%TEMP%\is-qphmo.tmp\<File name>.tmp' /SL5="$B021C,13755357,215040,<Full path to file>"
- '%ProgramFiles(x86)%\aurora media workshop\wmfdist.exe' /Q:A /R:N
- '%ProgramFiles(x86)%\aurora media workshop\aurora media workshop.exe' <File name>.exe
- '%WINDIR%\syswow64\regsvr32.exe' /s "%ProgramFiles(x86)%\Aurora Media Workshop\VideoEdit.ocx"
- '%WINDIR%\syswow64\regsvr32.exe' /s "%ProgramFiles(x86)%\Aurora Media Workshop\mpeg2dmx.ax"
- '%WINDIR%\syswow64\regsvr32.exe' /s "%ProgramFiles(x86)%\Aurora Media Workshop\mpgdec.ax"
- '%WINDIR%\syswow64\regsvr32.exe' /s "%ProgramFiles(x86)%\Aurora Media Workshop\msdxm.ocx"
- '%WINDIR%\syswow64\regsvr32.exe' /s "%ProgramFiles(x86)%\Aurora Media Workshop\DirectEncode.dll"
- '%WINDIR%\syswow64\regsvr32.exe' /s "%ProgramFiles(x86)%\Aurora Media Workshop\viscomwave.dll"
- '%WINDIR%\syswow64\regsvr32.exe' /s "%ProgramFiles(x86)%\Aurora Media Workshop\NCTAudioFile2.dll"
- '%WINDIR%\syswow64\regsvr32.exe' /s "%ProgramFiles(x86)%\Aurora Media Workshop\NCTAudioPlayer2.dll"
- '%WINDIR%\syswow64\regsvr32.exe' /s "%ProgramFiles(x86)%\Aurora Media Workshop\NCTAudioRecord2.dll"
- '%WINDIR%\syswow64\regsvr32.exe' /s "%ProgramFiles(x86)%\Aurora Media Workshop\NCTAudioVisualization2.dll"
- '%WINDIR%\syswow64\regsvr32.exe' /s "%ProgramFiles(x86)%\Aurora Media Workshop\WMVProfileEditor.ocx"