Technical Information
- [<HKLM>\Software\Classes\UltraISO\shell\open\command] '' = '"%ProgramFiles(x86)%\UltraISO\UltraISO.exe" "%1"'
- [<HKLM>\Software\Classes\binimage\shell\open\command] '' = '"%ProgramFiles(x86)%\UltraISO\UltraISO.exe" "%1"'
- [<HKLM>\System\CurrentControlSet\Services\ISODrive] 'Start' = '00000001'
- [<HKLM>\System\CurrentControlSet\Services\ISODrive] 'ImagePath' = '%ProgramFiles(x86)%\UltraISO\drivers\ISODrv64.sys'
- %TEMP%\rarsfx0\pro\ultraiso.exe
- %ProgramFiles(x86)%\ultraiso\lang\is-e2cs3.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-ee23s.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-2o7h0.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-a8ii0.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-sl1j6.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-gtc6d.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-ge68n.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-sg9vi.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-1kb9u.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-i83n5.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-n9une.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-dkig6.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-6ft03.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-s3vqi.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-7r6qp.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-gjvkr.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-furmu.tmp
- %ProgramFiles(x86)%\ultraiso\unins000.dat
- %HOMEPATH%\desktop\ultraiso.lnk
- %PROGRAMDATA%\microsoft\windows\start menu\programs\ultraiso\uninstall ultraiso.lnk
- %PROGRAMDATA%\microsoft\windows\start menu\programs\ultraiso\ultraiso revision history.lnk
- %PROGRAMDATA%\microsoft\windows\start menu\programs\ultraiso\ultraiso readme.lnk
- %ProgramFiles(x86)%\ultraiso\lang\is-jvn7j.tmp
- %PROGRAMDATA%\microsoft\windows\start menu\programs\ultraiso\ultraiso web site.url
- %PROGRAMDATA%\microsoft\windows\start menu\programs\ultraiso\ultraiso help.lnk
- %PROGRAMDATA%\microsoft\windows\start menu\programs\ultraiso\ultraiso.lnk
- %ProgramFiles(x86)%\ultraiso\lang\is-d4thl.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-hdu4u.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-15ei8.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-fskpc.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-p7q4k.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-9jg4p.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-ri78s.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-b3414.tmp
- %TEMP%\rarsfx0\settings.reg
- %TEMP%\rarsfx0\setup.exe
- %TEMP%\bt2282.bat
- %TEMP%\is-i29jq.tmp\is-sm3t2.tmp
- %TEMP%\is-c7m2d.tmp\_isetup\_regdll.tmp
- %TEMP%\is-c7m2d.tmp\_isetup\_setup64.tmp
- %TEMP%\is-c7m2d.tmp\_isetup\_shfoldr.dll
- %ProgramFiles(x86)%\ultraiso\is-128d8.tmp
- %ProgramFiles(x86)%\ultraiso\is-8vogo.tmp
- %ProgramFiles(x86)%\ultraiso\is-53n4f.tmp
- %ProgramFiles(x86)%\ultraiso\drivers\is-cjuib.tmp
- %ProgramFiles(x86)%\ultraiso\drivers\is-66jfs.tmp
- %ProgramFiles(x86)%\ultraiso\drivers\is-mbiss.tmp
- %CommonProgramFiles(x86)%\ezb systems\is-sc9s3.tmp
- %TEMP%\rarsfx0\install.exe
- %ProgramFiles(x86)%\ultraiso\is-0t6fb.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-uv6jk.tmp
- %ProgramFiles(x86)%\ultraiso\is-cje3t.tmp
- %ProgramFiles(x86)%\ultraiso\is-17nfu.tmp
- %ProgramFiles(x86)%\ultraiso\is-7ju6e.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-pkuq6.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-4p5d2.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-91vsn.tmp
- %PROGRAMDATA%\microsoft\windows\start menu\programs\ultraiso\ultraiso online order.url
- %ProgramFiles(x86)%\ultraiso\lang\is-sac1b.tmp
- %WINDIR%\temp\udde4aa.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-2a39v.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-asvef.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-bq40a.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-58q1p.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-ojcic.tmp
- %ProgramFiles(x86)%\ultraiso\lang\is-gqvj3.tmp
- %ProgramFiles(x86)%\ultraiso\ultraiso.exe
- %TEMP%\bt2282.bat
- %TEMP%\is-c7m2d.tmp\_isetup\_regdll.tmp
- %TEMP%\is-c7m2d.tmp\_isetup\_setup64.tmp
- %TEMP%\is-c7m2d.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-i29jq.tmp\is-sm3t2.tmp
- %HOMEPATH%\desktop\ultraiso.lnk
- %WINDIR%\temp\udde4aa.tmp
- %TEMP%\bt2282.bat
- %TEMP%\rarsfx0\install.exe
- %TEMP%\rarsfx0\settings.reg
- %TEMP%\rarsfx0\setup.exe
- %TEMP%\rarsfx0\pro\ultraiso.exe
- from %ProgramFiles(x86)%\ultraiso\is-128d8.tmp to %ProgramFiles(x86)%\ultraiso\unins000.exe
- from %ProgramFiles(x86)%\ultraiso\lang\is-7r6qp.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_yu.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-e2cs3.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_by.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-ee23s.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_he.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-2o7h0.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_br.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-a8ii0.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_dk.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-sl1j6.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_no.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-gtc6d.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_lv.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-ge68n.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_ar.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-9jg4p.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_kr.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-s3vqi.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_gr.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-sg9vi.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_si.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-n9une.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_et.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-dkig6.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_sk.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-6ft03.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_ct.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-gjvkr.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_fi.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-furmu.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_mk.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-p7q4k.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_hr.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-fskpc.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_ro.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-15ei8.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_lt.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-1kb9u.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_cn.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-i83n5.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_tw.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-ri78s.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_tr.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-b3414.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_bg.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-uv6jk.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_ua.dll
- from %ProgramFiles(x86)%\ultraiso\is-53n4f.tmp to %ProgramFiles(x86)%\ultraiso\isoshl64.dll
- from %ProgramFiles(x86)%\ultraiso\drivers\is-cjuib.tmp to %ProgramFiles(x86)%\ultraiso\drivers\isodrive.sys
- from %ProgramFiles(x86)%\ultraiso\drivers\is-66jfs.tmp to %ProgramFiles(x86)%\ultraiso\drivers\isodrv64.sys
- from %ProgramFiles(x86)%\ultraiso\drivers\is-mbiss.tmp to %ProgramFiles(x86)%\ultraiso\drivers\isocmd.exe
- from %CommonProgramFiles(x86)%\ezb systems\is-sc9s3.tmp to %CommonProgramFiles(x86)%\ezb systems\lame_enc.dll
- from %ProgramFiles(x86)%\ultraiso\is-0t6fb.tmp to %ProgramFiles(x86)%\ultraiso\ultraiso.chm
- from %ProgramFiles(x86)%\ultraiso\is-cje3t.tmp to %ProgramFiles(x86)%\ultraiso\license.txt
- from %ProgramFiles(x86)%\ultraiso\is-17nfu.tmp to %ProgramFiles(x86)%\ultraiso\readme.txt
- from %ProgramFiles(x86)%\ultraiso\is-7ju6e.tmp to %ProgramFiles(x86)%\ultraiso\history.txt
- from %ProgramFiles(x86)%\ultraiso\is-8vogo.tmp to %ProgramFiles(x86)%\ultraiso\ultraiso.exe
- from %ProgramFiles(x86)%\ultraiso\lang\is-pkuq6.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_de.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-91vsn.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_it.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-sac1b.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_es.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-jvn7j.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_pt.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-gqvj3.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_nl.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-2a39v.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_se.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-asvef.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_pl.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-bq40a.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_cz.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-58q1p.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_hu.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-ojcic.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_ru.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-4p5d2.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_fr.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-hdu4u.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_sr.dll
- from %ProgramFiles(x86)%\ultraiso\lang\is-d4thl.tmp to %ProgramFiles(x86)%\ultraiso\lang\lang_ir.dll
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- '%TEMP%\rarsfx0\install.exe'
- '%TEMP%\rarsfx0\setup.exe' /VERYSILENT /SP-
- '%TEMP%\is-i29jq.tmp\is-sm3t2.tmp' /SL4 $70246 "%TEMP%\RarSFX0\Setup.exe" 2909749 52736 /VERYSILENT /SP-
- '%ProgramFiles(x86)%\ultraiso\drivers\isocmd.exe' -i
- '%WINDIR%\syswow64\cmd.exe' /c %TEMP%\bt2282.bat' (with hidden window)
- '%ProgramFiles(x86)%\ultraiso\drivers\isocmd.exe' -i' (with hidden window)
- '%WINDIR%\syswow64\cmd.exe' /c %TEMP%\bt2282.bat
- '<SYSTEM32>\regsvr32.exe' /s "%ProgramFiles(x86)%\UltraISO\isoshl64.dll"
- '%WINDIR%\syswow64\xcopy.exe' "pro\*.*" "%ProgramFiles(x86)%\UltraISO" /i /r /v /k /f /c /h /y
- '%WINDIR%\syswow64\regedit.exe' /S settings.reg