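Technical Information
The section headings of the original report are missing from this copy. The entries below fall into five groups: registry values, file paths, a second list repeating some of those paths, file moves (from/to), and process command lines. <HKLM>, <SYSTEM32>, %WINDIR% and %TEMP% are placeholders; expand them for the host before matching. The SET*/OLD*/TMP* .tmp names and the IXP000.TMP folder are numbered temporary names that likely differ between runs, and Drivers32 values such as 'wavemapper' = 'msacm32.drv' and 'midimapper' = 'midimap.dll' are the usual Windows defaults, so neither is a distinctive indicator on its own.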
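Registry values, written as [key] 'value name' = 'data' (an empty name '' is the key's default value):
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 'msacm.msaudio1' = 'msaud32.acm'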
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 'vidc.M261' = 'msh261.drv'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 'msacm.iac2' = '<SYSTEM32>\iac25_32.ax'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 'msacm.sl_anet' = 'sl_anet.acm'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 'wavemapper' = 'msacm32.drv'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 'vidc.yvyu' = 'msyuv.dll'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 'vidc.M263' = 'msh263.drv'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 'msacm.msg723' = 'msg723.acm'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 'vidc.iv50' = 'ir50_32.dll'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'GrpConv' = 'grpconv -o'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'Ivfsrc.ax' = '<SYSTEM32>\regsvr32.exe /s <SYSTEM32>\Ivfsrc.ax'
- [<HKLM>\SOFTWARE\Classes\MSProgramGroup\Shell\Open\Command] '' = '<SYSTEM32>\grpconv.exe %1'
- [<HKLM>\SOFTWARE\Classes\IVFfile\shell\open\command] '' = 'RunDll32.exe <SYSTEM32>\wmpdxm.dll,RunDll /play %1'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'ir50_32.dll' = '<SYSTEM32>\regsvr32.exe /s <SYSTEM32>\ir50_32.dll'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 'msacm.l3acm' = '<SYSTEM32>\l3codeca.acm'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'Ia25_32.ax' = '<SYSTEM32>\regsvr32.exe /s <SYSTEM32>\Ia25_32.ax'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'Ir41_32.ax' = '<SYSTEM32>\regsvr32.exe /s <SYSTEM32>\Ir41_32.ax'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 'msacm.trspch' = 'tssoft32.acm'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 'msacm.msgsm610' = 'msgsm32.acm'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 'vidc.I420' = 'msh263.drv'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 'vidc.cvid' = 'iccvid.dll'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 'msacm.imaadpcm' = 'imaadp32.acm'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 'midimapper' = 'midimap.dll'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 'msacm.msg711' = 'msg711.acm'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 'msacm.msadpcm' = 'msadp32.acm'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 'vidc.iv31' = 'ir32_32.dll'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 'vidc.uyvy' = 'msyuv.dll'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 'vidc.msvc' = 'msvidc32.dll'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 'vidc.yvu9' = 'iyvu9_32.dll'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 'vidc.yuy2' = 'msyuv.dll'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 'vidc.iv41' = 'ir41_32.ax'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 'vidc.iv32' = 'ir32_32.dll'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 'vidc.mrle' = 'msrle32.dll'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] 'vidc.iyuv' = 'iyuv_32.dll'
File paths (first list):
- <SYSTEM32>\SET13.tmp
- %WINDIR%\Temp\OLD12.tmp
- %WINDIR%\LastGood\TMP14.tmp
- <SYSTEM32>\SET16.tmp
- %WINDIR%\Temp\OLD15.tmp
- %WINDIR%\LastGood\TMP11.tmp
- %WINDIR%\Temp\OLDD.tmp
- %WINDIR%\LastGood\TMPC.tmp
- <SYSTEM32>\SETE.tmp
- <SYSTEM32>\SET10.tmp
- <SYSTEM32>\SETF.tmp
- %WINDIR%\Temp\OLD1E.tmp
- %WINDIR%\LastGood\TMP1D.tmp
- <SYSTEM32>\SET1F.tmp
- <SYSTEM32>\SET21.tmp
- <SYSTEM32>\SET20.tmp
- <SYSTEM32>\SET1C.tmp
- %WINDIR%\Temp\OLD18.tmp
- %WINDIR%\LastGood\TMP17.tmp
- <SYSTEM32>\SET19.tmp
- %WINDIR%\Temp\OLD1B.tmp
- %WINDIR%\LastGood\TMP1A.tmp
- <SYSTEM32>\SETB.tmp
- %TEMP%\IXP000.TMP\Ir41_32.ax
- %TEMP%\IXP000.TMP\Ir32_32.dll
- %TEMP%\IXP000.TMP\Ir41_qc.dll
- %TEMP%\IXP000.TMP\Ivfsrc.ax
- %TEMP%\IXP000.TMP\Ir41_qcx.dll
- %TEMP%\IXP000.TMP\indounin.dll
- %TEMP%\IXP000.TMP\Ir50_qc.dll
- %TEMP%\IXP000.TMP\Ir50_32.dll
- %TEMP%\IXP000.TMP\Ir50_qcx.dll
- %TEMP%\IXP000.TMP\Iacenc.dll
- %TEMP%\IXP000.TMP\Iac25_32.ax
- %WINDIR%\Temp\OLD7.tmp
- %WINDIR%\LastGood\TMP6.tmp
- <SYSTEM32>\SET8.tmp
- %WINDIR%\Temp\OLDA.tmp
- %WINDIR%\LastGood\TMP9.tmp
- <SYSTEM32>\SET5.tmp
- %TEMP%\IXP000.TMP\Npindeo.dll
- %TEMP%\IXP000.TMP\Iyvu9_32.dll
- %TEMP%\IXP000.TMP\Indeo5.inf
- %WINDIR%\Temp\OLD4.tmp
- %WINDIR%\LastGood\TMP3.tmp
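File paths (second list, repeating the OLD*.tmp and some SET*.tmp entries above; likely the files removed again, but the heading is missing, so confirm against the original report):
- %WINDIR%\Temp\OLD18.tmp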
- %WINDIR%\Temp\OLD15.tmp
- %WINDIR%\Temp\OLD1E.tmp
- %WINDIR%\Temp\OLD1B.tmp
- %WINDIR%\Temp\OLD12.tmp
- %WINDIR%\Temp\OLD7.tmp
- %WINDIR%\Temp\OLD4.tmp
- %WINDIR%\Temp\OLDD.tmp
- %WINDIR%\Temp\OLDA.tmp
- <SYSTEM32>\SETB.tmp
- <SYSTEM32>\SETE.tmp
- <SYSTEM32>\SET5.tmp
- <SYSTEM32>\SET8.tmp
- <SYSTEM32>\SET13.tmp
- <SYSTEM32>\SET1C.tmp
- <SYSTEM32>\SET1F.tmp
- <SYSTEM32>\SET16.tmp
- <SYSTEM32>\SET19.tmp
File moves (from temporary name to final name):
- from %WINDIR%\LastGood\TMP1A.tmp to %WINDIR%\LastGood\system32\Ir41_qcx.dll
- from %WINDIR%\LastGood\TMP17.tmp to %WINDIR%\LastGood\system32\Ir41_qc.dll
- from %WINDIR%\LastGood\TMP14.tmp to %WINDIR%\LastGood\system32\Ir41_32.ax
- from <SYSTEM32>\SET21.tmp to <SYSTEM32>\Npindeo.dll
- from <SYSTEM32>\SET20.tmp to <SYSTEM32>\Iyvu9_32.dll
- from %WINDIR%\LastGood\TMP1D.tmp to %WINDIR%\LastGood\system32\Ivfsrc.ax
- from %WINDIR%\LastGood\TMP11.tmp to %WINDIR%\LastGood\system32\Ir32_32.dll
- from %WINDIR%\LastGood\TMP9.tmp to %WINDIR%\LastGood\system32\Ir50_qcx.dll
- from %WINDIR%\LastGood\TMP6.tmp to %WINDIR%\LastGood\system32\Ir50_qc.dll
- from %WINDIR%\LastGood\TMP3.tmp to %WINDIR%\LastGood\system32\Ir50_32.dll
- from <SYSTEM32>\SET10.tmp to <SYSTEM32>\indounin.dll
- from <SYSTEM32>\SETF.tmp to <SYSTEM32>\Iacenc.dll
- from %WINDIR%\LastGood\TMPC.tmp to %WINDIR%\LastGood\system32\Iac25_32.ax
Process command lines:
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\Ia25_32.ax
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\Ivfsrc.ax
- '<SYSTEM32>\grpconv.exe' -o
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\Ir41_32.ax
- '<SYSTEM32>\rundll32.exe' setupapi.dll,InstallHinfSection DefaultInstall 128 %TEMP%\IXP000.TMP\Indeo5.inf
- '<SYSTEM32>\runonce.exe' -r
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\ir50_32.dll