Technical Information
- [<HKLM>\System\CurrentControlSet\Services\LdBoxDrv] 'Start' = '00000002' (2 = automatic start, consistent with the `start= auto` in the sc.exe create command further down)
- [<HKLM>\System\CurrentControlSet\Services\LdBoxDrv] 'ImagePath' = '%ProgramFiles%\dnplayerext2\LdBoxDrv.sys'
- 'LdBoxDrv' %ProgramFiles%\dnplayerext2\LdBoxDrv.sys
- '%WINDIR%\syswow64\taskkill.exe' /F /IM LdBoxHeadless.exe /T
- '%WINDIR%\syswow64\taskkill.exe' /F /IM LdBoxSVC.exe /T
- '%WINDIR%\syswow64\taskkill.exe' /F /IM VirtualBox.exe /T
- '%WINDIR%\syswow64\taskkill.exe' /F /IM VBoxManage.exe /T
- <Current directory>\vms\config\leidian0.config
- %ProgramFiles%\dnplayerext2\vboxsharedfolders.dll
- %ProgramFiles%\dnplayerext2\vboxsuplib.dll
- %ProgramFiles%\dnplayerext2\vboxsvga3d.dll
- %ProgramFiles%\dnplayerext2\vboxtestogl.exe
- %ProgramFiles%\dnplayerext2\vboxvmm.dll
- %ProgramFiles%\dnplayerext2\vboxvmmpreload.exe
- %ProgramFiles%\dnplayerext2\virtualbox.exe
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-core-console-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-core-memory-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\vboxsharedcropengl.dll
- %ProgramFiles%\dnplayerext2\vboxsharedclipboard.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-core-file-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-core-file-l1-2-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-core-file-l2-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-core-handle-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-core-heap-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-core-interlocked-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-core-libraryloader-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-core-localization-l1-2-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-core-datetime-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-core-errorhandling-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\vboxddu.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-core-debug-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\vboxnetnat.exe
- %ProgramFiles%\dnplayerext2\vboxdtrace.exe
- %ProgramFiles%\dnplayerext2\vboxextpackhelperapp.exe
- %ProgramFiles%\dnplayerext2\vboxguestcontrolsvc.dll
- %ProgramFiles%\dnplayerext2\vboxguestpropsvc.dll
- %ProgramFiles%\dnplayerext2\vboxhostchannel.dll
- %ProgramFiles%\dnplayerext2\vboxinstallhelper.dll
- %ProgramFiles%\dnplayerext2\vboxmanage.exe
- %ProgramFiles%\dnplayerext2\vboxnetdhcp.exe
- %ProgramFiles%\dnplayerext2\vboxsampledevice.dll
- %ProgramFiles%\dnplayerext2\vboxsdl.exe
- %ProgramFiles%\dnplayerext2\vboxsampledriver.dll
- %ProgramFiles%\dnplayerext2\vboxoglhosterrorspu.dll
- %ProgramFiles%\dnplayerext2\vboxoglrenderspu.dll
- %ProgramFiles%\dnplayerext2\vboxplaygrounddevice.dll
- %ProgramFiles%\dnplayerext2\vboxproxystub.dll
- %ProgramFiles%\dnplayerext2\vboxproxystublegacy.dll
- %ProgramFiles%\dnplayerext2\vboxrem.dll
- %ProgramFiles%\dnplayerext2\vboxres.dll
- %ProgramFiles%\dnplayerext2\vboxrt.dll
- %ProgramFiles%\dnplayerext2\vboxnetfltnobj.dll
- %ProgramFiles%\dnplayerext2\vboxoglhostcrutil.dll
- %ProgramFiles%\dnplayerext2\vboxdraganddropsvc.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-core-namedpipe-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-core-profile-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\concrt140.dll
- %ProgramFiles%\dnplayerext2\x86\dasync.dll
- %ProgramFiles%\dnplayerext2\x86\libcrypto-1_1.dll
- %ProgramFiles%\dnplayerext2\x86\libcurl.dll
- %ProgramFiles%\dnplayerext2\x86\libeay32.dll
- %ProgramFiles%\dnplayerext2\x86\libssl-1_1.dll
- %ProgramFiles%\dnplayerext2\x86\msvcp100.dll
- %ProgramFiles%\dnplayerext2\x86\msvcp120.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-crt-utility-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\capi.dll
- %ProgramFiles%\dnplayerext2\x86\msvcp140.dll
- %ProgramFiles%\dnplayerext2\x86\ossltest.dll
- %ProgramFiles%\dnplayerext2\x86\padlock.dll
- %ProgramFiles%\dnplayerext2\x86\ssleay32.dll
- %ProgramFiles%\dnplayerext2\x86\ucrtbase.dll
- %ProgramFiles%\dnplayerext2\x86\vboxclient-x86.dll
- %ProgramFiles%\dnplayerext2\x86\vboxproxystub-x86.dll
- %ProgramFiles%\dnplayerext2\x86\vboxrt-x86.dll
- %ProgramFiles%\dnplayerext2\x86\vccorlib140.dll
- %ProgramFiles%\dnplayerext2\x86\msvcr100.dll
- %ProgramFiles%\dnplayerext2\x86\msvcr120.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-core-processthreads-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-core-processenvironment-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-crt-stdio-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-core-rtlsupport-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-core-string-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-core-synch-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-core-synch-l1-2-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-core-sysinfo-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-core-timezone-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-core-util-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-crt-string-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-core-processthreads-l1-1-1.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-crt-time-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-crt-conio-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-crt-heap-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-crt-locale-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-crt-math-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-crt-multibyte-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-crt-private-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-crt-process-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-crt-runtime-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-crt-convert-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-crt-environment-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\x86\api-ms-win-crt-filesystem-l1-1-0.dll
- %ProgramFiles%\dnplayerext2\vboxdd2.dll
- %ProgramFiles%\dnplayerext2\vboxdd.dll
- %ProgramFiles%\dnplayerext2\vboxdbg.dll
- %ProgramFiles%\dnplayerext2\dpinst_64.exe
- %ProgramFiles%\dnplayerext2\dpinst_86.exe
- %ProgramFiles%\dnplayerext2\ldboxdrv.sys
- %ProgramFiles%\dnplayerext2\ldboxheadless.exe
- %ProgramFiles%\dnplayerext2\ldboxnetlwf.sys
- %ProgramFiles%\dnplayerext2\ldboxsvc.exe
- %ProgramFiles%\dnplayerext2\ldvirtualbox.exe
- %ProgramFiles%\dnplayerext2\libcrypto-1_1-x64.dll
- %ProgramFiles%\dnplayerext2\dasync.dll
- %ProgramFiles%\dnplayerext2\netfltinstall.exe
- %ProgramFiles%\dnplayerext2\capi.dll
- %ProgramFiles%\dnplayerext2\msvcp100.dll
- %ProgramFiles%\dnplayerext2\msvcp120.dll
- %ProgramFiles%\dnplayerext2\msvcr100.dll
- %ProgramFiles%\dnplayerext2\msvcr120.dll
- %ProgramFiles%\dnplayerext2\netadp6install.exe
- %ProgramFiles%\dnplayerext2\netadp6uninstall.exe
- %ProgramFiles%\dnplayerext2\netadpinstall.exe
- %ProgramFiles%\dnplayerext2\netadpuninstall.exe
- %ProgramFiles%\dnplayerext2\libeay32.dll
- %ProgramFiles%\dnplayerext2\libcurl.dll
- %ProgramFiles%\dnplayerext2\libssl-1_1-x64.dll
- %ProgramFiles%\dnplayerext2\vboxefi64.fd
- %ProgramFiles%\dnplayerext2\ldvmmr0.r0
- %ProgramFiles%\dnplayerext2\comregister.cmd
- %ProgramFiles%\dnplayerext2\install.bat
- %ProgramFiles%\dnplayerext2\ldboxddr0.r0
- %ProgramFiles%\dnplayerext2\ldboxddrc.rc
- %ProgramFiles%\dnplayerext2\ldboxdrv-prew10.cat
- %ProgramFiles%\dnplayerext2\ldboxdrv.cat
- %ProgramFiles%\dnplayerext2\ldboxdrv.inf
- %ProgramFiles%\dnplayerext2\ldboxnetlwf-prew10.cat
- %ProgramFiles%\dnplayerext2\version.txt
- %ProgramFiles%\dnplayerext2\netfltuninstall.exe
- %APPDATA%\changzhi2\log\dnrepairer.log
- %ProgramFiles%\dnplayerext2\ldvmmrc.rc
- %ProgramFiles%\dnplayerext2\load.cmd
- %ProgramFiles%\dnplayerext2\load.sh
- %ProgramFiles%\dnplayerext2\loadall.cmd
- %ProgramFiles%\dnplayerext2\loadall.sh
- %ProgramFiles%\dnplayerext2\tstmicrorc.gc
- %ProgramFiles%\dnplayerext2\uninstall.bat
- %ProgramFiles%\dnplayerext2\vboxefi32.fd
- %ProgramFiles%\dnplayerext2\ldboxnetlwf.inf
- %ProgramFiles%\dnplayerext2\ldboxnetlwf.cat
- %ProgramFiles%\dnplayerext2\dbgplugindiggers.dll
- %ProgramFiles%\dnplayerext2\netlwfinstall.exe
- %ProgramFiles%\dnplayerext2\tstpdmasynccompletion.exe
- %ProgramFiles%\dnplayerext2\tstsslcertdownloads.exe
- %ProgramFiles%\dnplayerext2\tstvboxdbg.exe
- %ProgramFiles%\dnplayerext2\tstvmm-hm.exe
- %ProgramFiles%\dnplayerext2\tstvmm.exe
- %ProgramFiles%\dnplayerext2\tstvmreq.exe
- %ProgramFiles%\dnplayerext2\tstvmstructrc.exe
- %ProgramFiles%\dnplayerext2\usbinstall.exe
- %ProgramFiles%\dnplayerext2\tstmicro.exe
- %ProgramFiles%\dnplayerext2\tstinstremul.exe
- %ProgramFiles%\dnplayerext2\tstpdmasynccompletionstress.exe
- %ProgramFiles%\dnplayerext2\usbtest.exe
- %ProgramFiles%\dnplayerext2\vboxauthsimple.dll
- %ProgramFiles%\dnplayerext2\vboxautostartsvc.exe
- %ProgramFiles%\dnplayerext2\vboxballoonctrl.exe
- %ProgramFiles%\dnplayerext2\vboxbugreport.exe
- %ProgramFiles%\dnplayerext2\vboxc.dll
- %ProgramFiles%\dnplayerext2\vboxcapi.dll
- %ProgramFiles%\dnplayerext2\vboxcpureport.exe
- %ProgramFiles%\dnplayerext2\usbuninstall.exe
- %ProgramFiles%\dnplayerext2\vbox-img.exe
- %ProgramFiles%\dnplayerext2\vboxauth.dll
- %ProgramFiles%\dnplayerext2\tstint.exe
- %ProgramFiles%\dnplayerext2\tstdevicestructsizerc.exe
- %ProgramFiles%\dnplayerext2\netlwfuninstall.exe
- %ProgramFiles%\dnplayerext2\padlock.dll
- %ProgramFiles%\dnplayerext2\platforms\qminimal.dll
- %ProgramFiles%\dnplayerext2\platforms\qoffscreen.dll
- %ProgramFiles%\dnplayerext2\platforms\qwindows.dll
- %ProgramFiles%\dnplayerext2\qt5core.dll
- %ProgramFiles%\dnplayerext2\qt5gui.dll
- %ProgramFiles%\dnplayerext2\qt5opengl.dll
- %ProgramFiles%\dnplayerext2\qt5printsupport.dll
- %ProgramFiles%\dnplayerext2\qt5widgets.dll
- %ProgramFiles%\dnplayerext2\ossltest.dll
- %ProgramFiles%\dnplayerext2\qt5winextras.dll
- %ProgramFiles%\dnplayerext2\regsvr32_x64.exe
- %ProgramFiles%\dnplayerext2\regsvr32_x86.exe
- %ProgramFiles%\dnplayerext2\sdl.dll
- %ProgramFiles%\dnplayerext2\ssleay32.dll
- %ProgramFiles%\dnplayerext2\supinstall.exe
- %ProgramFiles%\dnplayerext2\suploggerctl.exe
- %ProgramFiles%\dnplayerext2\supuninstall.exe
- %ProgramFiles%\dnplayerext2\tstanimate.exe
- %ProgramFiles%\dnplayerext2\tstasmstructsrc.exe
- %ProgramFiles%\dnplayerext2\regsvc.dll
- %ProgramFiles%\dnplayerext2\x86\vcruntime140.dll
- %WINDIR%\temp\udd1016.tmp
- %WINDIR%\temp\udd1016.tmp
- ClassName: '' WindowName: ''
- '%ProgramFiles%\dnplayerext2\ldboxsvc.exe' /RegServer
- '%WINDIR%\syswow64\net.exe' start cryptsvc (with hidden window)
- '%WINDIR%\syswow64\regsvr32.exe' "%ProgramFiles%\dnplayerext2\x86\VBoxProxyStub-x86.dll" /s (with hidden window)
- '<SYSTEM32>\regsvr32.exe' "%ProgramFiles%\dnplayerext2\VBoxProxyStub.dll" /s (with hidden window)
- '%WINDIR%\syswow64\regsvr32.exe' "%ProgramFiles%\dnplayerext2\x86\VBoxClient-x86.dll" /s (with hidden window)
- '<SYSTEM32>\regsvr32.exe' "%ProgramFiles%\dnplayerext2\VBoxC.dll" /s (with hidden window)
- '%ProgramFiles%\dnplayerext2\ldboxsvc.exe' /RegServer (with hidden window)
- '%WINDIR%\syswow64\taskkill.exe' /F /IM VBoxManage.exe /T (with hidden window)
- '%WINDIR%\syswow64\taskkill.exe' /F /IM VirtualBox.exe /T (with hidden window)
- '%WINDIR%\syswow64\sc.exe' create LdBoxDrv binPath= "%ProgramFiles%\dnplayerext2\LdBoxDrv.sys" type= kernel start= auto (with hidden window)
- '%WINDIR%\syswow64\taskkill.exe' /F /IM LdBoxSVC.exe /T (with hidden window)
- '%WINDIR%\syswow64\icacls.exe' "<Current directory>\vms" /grant everyone:F /t (with hidden window)
- '%WINDIR%\syswow64\takeown.exe' /f "<Current directory>\vms" /r /d y (with hidden window)
- '%WINDIR%\syswow64\regsvr32.exe' cryptdlg.dll /s (with hidden window)
- '%WINDIR%\syswow64\regsvr32.exe' rsaenh.dll /s (with hidden window)
- '%WINDIR%\syswow64\regsvr32.exe' dssenh.dll /s (with hidden window)
- '%WINDIR%\syswow64\regsvr32.exe' Initpki.dll /s (with hidden window)
- '%WINDIR%\syswow64\regsvr32.exe' Wintrust.dll /s (with hidden window)
- '%WINDIR%\syswow64\regsvr32.exe' Softpub.dll /s (with hidden window)
- '%WINDIR%\syswow64\taskkill.exe' /F /IM LdBoxHeadless.exe /T (with hidden window)
- '%WINDIR%\syswow64\sc.exe' start LdBoxDrv (with hidden window)
- '%WINDIR%\syswow64\net.exe' start cryptsvc
- '%WINDIR%\syswow64\net1.exe' start cryptsvc
- '%WINDIR%\syswow64\regsvr32.exe' Softpub.dll /s
- '%WINDIR%\syswow64\regsvr32.exe' Wintrust.dll /s
- '%WINDIR%\syswow64\regsvr32.exe' Initpki.dll /s
- '%WINDIR%\syswow64\regsvr32.exe' dssenh.dll /s
- '%WINDIR%\syswow64\regsvr32.exe' rsaenh.dll /s
- '%WINDIR%\syswow64\regsvr32.exe' cryptdlg.dll /s
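- '%WINDIR%\syswow64\takeown.exe' /f "<Current directory>\vms" /r /d y (takes ownership of the vms tree recursively, answering "y" to prompts)
- '%WINDIR%\syswow64\icacls.exe' "<Current directory>\vms" /grant everyone:F /t (grants the Everyone group full control over the vms tree recursively, so any local account can then modify those files)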
- '<SYSTEM32>\regsvr32.exe' "%ProgramFiles%\dnplayerext2\VBoxC.dll" /s
- '%WINDIR%\syswow64\regsvr32.exe' "%ProgramFiles%\dnplayerext2\x86\VBoxClient-x86.dll" /s
- '<SYSTEM32>\regsvr32.exe' "%ProgramFiles%\dnplayerext2\VBoxProxyStub.dll" /s
- '%WINDIR%\syswow64\regsvr32.exe' "%ProgramFiles%\dnplayerext2\x86\VBoxProxyStub-x86.dll" /s
- '%WINDIR%\syswow64\sc.exe' create LdBoxDrv binPath= "%ProgramFiles%\dnplayerext2\LdBoxDrv.sys" type= kernel start= auto (registers LdBoxDrv.sys as a kernel-mode driver service set to start automatically)
- '%WINDIR%\syswow64\sc.exe' start LdBoxDrv