Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'mplayer' = '%PROGRAM_FILES%\Windows Media Player\wmUnInstall.cpl'
- %HOMEPATH%\Start Menu\Programs\Startup\Shortcut to startup_local.lnk
- User Account Control (UAC)
- <SYSTEM32>\shutdown.exe -r -f -t 00
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\A479533EBF4F54D475D7B599C8FF1[1].png
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\BBFF8ED9BF1490FB74EF88764CA2B[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\C33EA37E42F0A2D61D281D1D5912B4[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\898788D35CB3E86AD144D1211B388D[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\8CEEC8149CA55225EBCC0B668BD28[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\A441DEEA5B6E3413876B38D4A155E1[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\C736A355F5C3A230968347D8F4C14[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\F95091CDFB594606AF86F0C6C9A[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\FA4DD27C32E9874A17757E97489C7A[1].jpg
- %HOMEPATH%\My Documents\My Music\Sample Music.lnk
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\D21BB52564361BB53C5DF0F5EF3C[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\EF6FAE8FDF4F641813A37248D7551[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\F67471F499193AEFE6577D35B3F453[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\46945095A1192C5E79A061508F5A[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\D04DCF35BA5D5F8794E1F4AB534EA[1].png
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\DCE06D5B11AC29F14CFA163699C3B[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\E6A53F539D5B43E6DB45B115ED5DE[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\AD2421123161337426CE8EDFE9D286[1].png
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\B8F195D5C625A66D1A9CB4556A25[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\C7E9B81CC78AF7F334BF1E57E97EE[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\F858474EB11E71A027BD572A933E1[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\22AB9C71E94F6966F04B662049D3B2[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\29B9FD62C7F84E8A554807673CCF5[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\3097345C2562507A54A320738111[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\NavBar[1].xml
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\1A6C9F0F38572BD8028852BEDEC13[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\1D4FFF6DE1AEBD4CEF1C7F1452D[1].jpg
- %HOMEPATH%\Start Menu\Programs\Accessories\Notepad.lnk
- %HOMEPATH%\Start Menu\Programs\Accessories\Program Compatibility Wizard.lnk
- %HOMEPATH%\Start Menu\Programs\Accessories\Synchronize.lnk
- %HOMEPATH%\Start Menu\Programs\Accessories\Address Book.lnk
- %HOMEPATH%\Start Menu\Programs\Accessories\Command Prompt.lnk
- %HOMEPATH%\Start Menu\Programs\Accessories\Entertainment\Windows Media Player.lnk
- %HOMEPATH%\Start Menu\Programs\Accessories\Tour Windows XP.lnk
- %HOMEPATH%\Start Menu\Programs\Remote Assistance.lnk
- %HOMEPATH%\Start Menu\Programs\Windows Media Player.lnk
- %HOMEPATH%\Templates\excel.xls
- %HOMEPATH%\Start Menu\Programs\Accessories\Windows Explorer.lnk
- %HOMEPATH%\Start Menu\Programs\Internet Explorer.lnk
- %HOMEPATH%\Start Menu\Programs\Outlook Express.lnk
- %HOMEPATH%\Start Menu\Programs\Accessories\Accessibility\Utility Manager.lnk
- %HOMEPATH%\Recent\video.lnk
- %HOMEPATH%\Recent\vmscsi.lnk
- %HOMEPATH%\Recent\vmx_svga.lnk
- %HOMEPATH%\My Documents\My Pictures\Sample Pictures.lnk
- %HOMEPATH%\Recent\mouse.lnk
- %HOMEPATH%\Recent\scsi.lnk
- %HOMEPATH%\Recent\<Auxiliary name> (2).lnk
- %HOMEPATH%\Start Menu\Programs\Accessories\Accessibility\Magnifier.lnk
- %HOMEPATH%\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk
- %HOMEPATH%\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk
- %HOMEPATH%\Recent\<Auxiliary name>.lnk
- %HOMEPATH%\Recent\xxmouse.lnk
- %HOMEPATH%\Start Menu\Far.lnk
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\ADA5DEA01BBF7ADEE426CAEDC7D758[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\C01537BDF704C6BDD45A34DC94F9[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\EFC8FB28495C28E8ECF3F16E2B2964[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\63212C31DFE99880DDEE44BEE75[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\882EFB257E7465D7B6635A7E37B0[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\9B5E4A6AC49632859858DC23FFED32[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\F3A559EF22035881817C2E90C98D[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\243EB41653B13AAC7478E5B7BF22B[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\30DDF549F8A04A366E72EE82A91E20[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\323965AF1DD2EC1C97FF2D0E11AC8[1].png
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\F627C1BE82812A2572D6A4652557BA[1].png
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\kvlc[1].png
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\kvwrap[1].png
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\5CF16DE630438C502BA8448921A34B[1].jpg
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
- <LS_APPDATA>\Microsoft\Windows Media\9.0\WMSDKNS.XML
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\04F394908627E5E948CD862CA29D[1].jpg
- %PROGRAM_FILES%\Windows Media Player\wmUnInstall.cpl
- %PROGRAM_FILES%\Windows Media Player\MPConfig_.ini
- %PROGRAM_FILES%\Windows Media Player\CRYPTTEMP
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\07D1F36E33949B7C68D62519152[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\3564127DCB1D39D50C79BCDCC96C[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\3E97E63B509EB7FBF6488B17BFAF8D[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\52313F83584EB0ED47DA7B1B4170[1].png
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\1E5ADBCC3A86BBD55C3E87DF4D9ED8[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\34CDA9506D39A01DC809CFB8711[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\35262A37FFA5A5BAA4996CA32B8098[1].png
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\kv_logof[1].png
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\2EE8DAB2A14AC14613D59B37BF5C4C[1].png
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\31D6CF613DCE652EE5373C172D9[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\E4FEBBC3AD7741B1DD320B09ABB5E[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\E514A0B43ECC3F196EF5A53CBCC447[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\kvrc[1].png
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\3E36B6651EEF72A62EF52B8295698[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\67E69B80B12B19E4515C4D8C8DD73[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\6839FCA4D445BFA21B2BC7CAEAE1D[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\84D8EBD81C7ADB3120A859A8A6C6DE[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\5D6F6A7B6435E4857AE20303A2E6[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\5E8EB246885090BB699BBB2C59DBF6[1].png
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\62699326E6A9F8FD8E34FBFF3A35CA[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\CEE573942B46AC97112655050BC[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\5D43FEC3F9BD416D151EAA6BD6176A[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\60CB88EBF6F0438748A881A49DEE63[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\688850C560414B517D34A2E86FD8D[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\3637D65C41D29B88A6368882166F[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\51EE408B63CDEB903E2243C6938D40[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\5742ECCEEF5583F46AFACEB54EAFFC[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\6C4F727B5EEEB1AC2D163A8E519D1[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\B8A1A994F4336CFC004F2B594CE0[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\B8FB12415C455388F8D825EB5A6CB6[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\C44C109BA3922778FCC4638545EE5F[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\731042614F8E9B3698BBEE93354228[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\7F8851AAB2456F3D6CA9D7CCE22F2A[1].png
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\9EA7DAF3C7F7C4611DB20558F4211[1].jpg
- %PROGRAM_FILES%\Windows Media Player\CRYPTTEMP
- ClassName: 'Indicator' WindowName: ''