Technical Information
Malicious functions
Searches for windows to
detect programs and games:
- ClassName: '_Oscar_StatusNotify', WindowName: ''
- ClassName: 'gdkWindowToplevel', WindowName: ''
Modifies file system
Creates the following files
- %WINDIR%\1.exe
- %TEMP%\cfj31f.tmp
- %TEMP%\cfj30f.tmp
- %TEMP%\cfj30e.tmp
- %TEMP%\cfj2fd.tmp
- %TEMP%\cfj2fc.tmp
- %TEMP%\cfj2eb.tmp
- %TEMP%\cfj2db.tmp
- %TEMP%\cfj2da.tmp
- %TEMP%\cfj2c8.tmp
- %TEMP%\cfj331.tmp
- %TEMP%\cfj2b7.tmp
- %TEMP%\cfj2b6.tmp
- %TEMP%\cfj2a6.tmp
- %TEMP%\cfj295.tmp
- %TEMP%\cfj294.tmp
- %TEMP%\cfj284.tmp
- %TEMP%\cfj283.tmp
- %TEMP%\cfj2c9.tmp
- %TEMP%\cfj1f8.tmp
- %TEMP%\cfj332.tmp
- %TEMP%\cfj410.tmp
- %TEMP%\cfj3ff.tmp
- %TEMP%\cfj3fe.tmp
- %TEMP%\cfj3ee.tmp
- %TEMP%\cfj3ed.tmp
- %TEMP%\cfj3dc.tmp
- %TEMP%\cfj3db.tmp
- %TEMP%\cfj3ca.tmp
- %TEMP%\cfj262.tmp
- %TEMP%\cfj330.tmp
- %TEMP%\cfj3b8.tmp
- %TEMP%\cfj3a7.tmp
- %TEMP%\cfj397.tmp
- %TEMP%\cfj386.tmp
- %TEMP%\cfj375.tmp
- %TEMP%\cfj374.tmp
- %TEMP%\cfj354.tmp
- %TEMP%\cfj353.tmp
- %TEMP%\cfj3b9.tmp
- %TEMP%\cfj342.tmp
- %TEMP%\cfj261.tmp
- %TEMP%\cfj260.tmp
- %TEMP%\cfj250.tmp
- %TEMP%\cfj107.tmp
- %TEMP%\cfj15d.tmp
- %TEMP%\cfj14c.tmp
- %TEMP%\cfj13c.tmp
- %TEMP%\cfj13b.tmp
- %TEMP%\cfj12a.tmp
- %TEMP%\cfj129.tmp
- %TEMP%\cfj118.tmp
- %TEMP%\cfj411.tmp
- %TEMP%\cfj17e.tmp
- %TEMP%\cfj106.tmp
- %TEMP%\cfjf5.tmp
- %TEMP%\cfje5.tmp
- %TEMP%\cfje4.tmp
- %TEMP%\cfjd3.tmp
- %TEMP%\cfjd2.tmp
- %TEMP%\cfjc1.tmp
- %TEMP%\cfjc0.tmp
- %TEMP%\cfj108.tmp
- %TEMP%\cfj3ba.tmp
- %TEMP%\cfj17f.tmp
- %TEMP%\cfj1a1.tmp
- %TEMP%\cfj190.tmp
- %TEMP%\cfj24f.tmp
- %TEMP%\cfj23e.tmp
- %TEMP%\cfj23d.tmp
- %TEMP%\cfj22c.tmp
- %TEMP%\cfj21c.tmp
- %TEMP%\cfj21b.tmp
- %TEMP%\cfj21a.tmp
- %TEMP%\cfj191.tmp
- %TEMP%\cfj209.tmp
- %TEMP%\cfj16e.tmp
- %TEMP%\cfj1e7.tmp
- %TEMP%\cfj1d6.tmp
- %TEMP%\cfj1d5.tmp
- %TEMP%\cfj1c5.tmp
- %TEMP%\cfj1c4.tmp
- %TEMP%\cfj1b3.tmp
- %TEMP%\cfj1a2.tmp
- %TEMP%\cfj1f9.tmp
- %TEMP%\cfj422.tmp
- %TEMP%\cfj432.tmp
- %TEMP%\cfj433.tmp
- %TEMP%\cfj750.tmp
- %TEMP%\cfj73f.tmp
- %TEMP%\cfj72e.tmp
- %TEMP%\cfj71e.tmp
- %TEMP%\cfj71d.tmp
- %TEMP%\cfj70c.tmp
- %TEMP%\cfj6fb.tmp
- %TEMP%\cfj6eb.tmp
- %TEMP%\cfj760.tmp
- %TEMP%\cfj6da.tmp
- %TEMP%\cfj6b9.tmp
- %TEMP%\cfj6a8.tmp
- %TEMP%\cfj698.tmp
- %TEMP%\cfj687.tmp
- %TEMP%\cfj676.tmp
- %TEMP%\cfj675.tmp
- %TEMP%\cfj665.tmp
- %TEMP%\cfj654.tmp
- %TEMP%\cfj6ca.tmp
- %TEMP%\cfj828.tmp
- %TEMP%\cfjb0.tmp
- %TEMP%\cfj782.tmp
- %TEMP%\cfj88e.tmp
- %TEMP%\cfj87e.tmp
- %TEMP%\cfj86d.tmp
- %TEMP%\cfj86c.tmp
- %TEMP%\cfj85c.tmp
- %TEMP%\cfj84b.tmp
- %TEMP%\cfj84a.tmp
- %TEMP%\cfj839.tmp
- %TEMP%\cfj653.tmp
- %TEMP%\cfj829.tmp
- %TEMP%\cfj817.tmp
- %TEMP%\cfj816.tmp
- %TEMP%\cfj805.tmp
- %TEMP%\cfj7f5.tmp
- %TEMP%\cfj7f4.tmp
- %TEMP%\cfj7e3.tmp
- %TEMP%\cfj7d3.tmp
- %TEMP%\cfj7a3.tmp
- %TEMP%\cfj771.tmp
- %TEMP%\cfj59a.tmp
- %TEMP%\cfj633.tmp
- %TEMP%\cfj504.tmp
- %TEMP%\cfj4f1.tmp
- %TEMP%\cfj4e0.tmp
- %TEMP%\cfj4df.tmp
- %TEMP%\cfj4cf.tmp
- %TEMP%\cfj4ce.tmp
- %TEMP%\cfj4bd.tmp
- %TEMP%\cfj4ad.tmp
- %TEMP%\cfj4ac.tmp
- %TEMP%\cfj4f2.tmp
- %TEMP%\cfj48b.tmp
- %TEMP%\cfj47a.tmp
- %TEMP%\cfj479.tmp
- %TEMP%\cfj468.tmp
- %TEMP%\cfj467.tmp
- %TEMP%\cfj456.tmp
- %TEMP%\cfj455.tmp
- %TEMP%\cfj445.tmp
- %TEMP%\cfj434.tmp
- %TEMP%\cfj48a.tmp
- %TEMP%\cfj89f.tmp
- %TEMP%\cfj621.tmp
- %TEMP%\cfj514.tmp
- %TEMP%\cfj611.tmp
- %TEMP%\cfj610.tmp
- %TEMP%\cfj5ff.tmp
- %TEMP%\cfj5fe.tmp
- %TEMP%\cfj5de.tmp
- %TEMP%\cfj5dd.tmp
- %TEMP%\cfj5cc.tmp
- %TEMP%\cfj5bc.tmp
- %TEMP%\cfj632.tmp
- %TEMP%\cfj5ab.tmp
- %TEMP%\cfj58a.tmp
- %TEMP%\cfj55a.tmp
- %TEMP%\cfj559.tmp
- %TEMP%\cfj548.tmp
- %TEMP%\cfj547.tmp
- %TEMP%\cfj527.tmp
- %TEMP%\cfj526.tmp
- %TEMP%\cfj525.tmp
- %TEMP%\cfj503.tmp
- %TEMP%\cfj781.tmp
- %TEMP%\cfjaf.tmp
- %TEMP%\cfjff51.tmp
- %TEMP%\cfjfb6b.tmp
- %TEMP%\cfjfb5b.tmp
- %TEMP%\cfjfb4a.tmp
- %TEMP%\cfjfb49.tmp
- %TEMP%\cfjfb38.tmp
- %TEMP%\cfjfb28.tmp
- %TEMP%\cfjfb17.tmp
- %TEMP%\cfjfb16.tmp
- %TEMP%\cfjfb05.tmp
- %TEMP%\cfjfb7d.tmp
- %TEMP%\cfjfaf4.tmp
- %TEMP%\cfjfaf3.tmp
- %TEMP%\cfjfae2.tmp
- %TEMP%\cfjfae1.tmp
- %TEMP%\cfjfad1.tmp
- %TEMP%\cfjfad0.tmp
- %TEMP%\cfjfabf.tmp
- %TEMP%\cfjfb15.tmp
- %TEMP%\cfjfa05.tmp
- %TEMP%\cfjfb7e.tmp
- %TEMP%\cfjfc5c.tmp
- %TEMP%\cfjfc4b.tmp
- %TEMP%\cfjfc4a.tmp
- %TEMP%\cfjfc3a.tmp
- %TEMP%\cfjfc29.tmp
- %TEMP%\cfjfc28.tmp
- %TEMP%\cfjfc18.tmp
- %TEMP%\cfjfc17.tmp
- %TEMP%\cfjfa9f.tmp
- %TEMP%\cfjfb6c.tmp
- %TEMP%\cfjfbe5.tmp
- %TEMP%\cfjfbe4.tmp
- %TEMP%\cfjfbd3.tmp
- %TEMP%\cfjfbc2.tmp
- %TEMP%\cfjfbc1.tmp
- %TEMP%\cfjfbb1.tmp
- %TEMP%\cfjfba0.tmp
- %TEMP%\cfjfb90.tmp
- %TEMP%\cfjfbf5.tmp
- %TEMP%\cfjfb8f.tmp
- %TEMP%\cfjfa8e.tmp
- %TEMP%\cfjfa7e.tmp
- %TEMP%\cfjfa7d.tmp
- %TEMP%\cfjf905.tmp
- %TEMP%\cfjf95b.tmp
- %TEMP%\cfjf95a.tmp
- %TEMP%\cfjf949.tmp
- %TEMP%\cfjf939.tmp
- %TEMP%\cfjf928.tmp
- %TEMP%\cfjf927.tmp
- %TEMP%\cfjf926.tmp
- %TEMP%\cfjfc5d.tmp
- %TEMP%\cfjf96d.tmp
- %TEMP%\cfjf904.tmp
- %TEMP%\cfjf8f3.tmp
- %TEMP%\cfjf8e3.tmp
- %TEMP%\cfjf8d2.tmp
- %TEMP%\cfjf8d1.tmp
- %TEMP%\cfjf8c0.tmp
- %TEMP%\cfjf8bf.tmp
- %TEMP%\cfjf8af.tmp
- %TEMP%\cfjf915.tmp
- %TEMP%\cfjfc06.tmp
- %TEMP%\cfjf97d.tmp
- %TEMP%\cfjf990.tmp
- %TEMP%\cfjf98e.tmp
- %TEMP%\cfjfa6c.tmp
- %TEMP%\cfjfa5b.tmp
- %TEMP%\cfjfa4b.tmp
- %TEMP%\cfjfa4a.tmp
- %TEMP%\cfjfa39.tmp
- %TEMP%\cfjfa28.tmp
- %TEMP%\cfjfa27.tmp
- %TEMP%\cfjf98f.tmp
- %TEMP%\cfjfa17.tmp
- %TEMP%\cfjf96c.tmp
- %TEMP%\cfjf9f5.tmp
- %TEMP%\cfjf9f4.tmp
- %TEMP%\cfjf9d3.tmp
- %TEMP%\cfjf9c3.tmp
- %TEMP%\cfjf9b2.tmp
- %TEMP%\cfjf9a1.tmp
- %TEMP%\cfjf9a0.tmp
- %TEMP%\cfjfa06.tmp
- %TEMP%\cfjfc6e.tmp
- %TEMP%\cfjfc7e.tmp
- %TEMP%\cfjfc7f.tmp
- %TEMP%\cfjff2e.tmp
- %TEMP%\cfjff1e.tmp
- %TEMP%\cfjff1d.tmp
- %TEMP%\cfjfeed.tmp
- %TEMP%\cfjfedc.tmp
- %TEMP%\cfjfedb.tmp
- %TEMP%\cfjfeda.tmp
- %TEMP%\cfjfeca.tmp
- %TEMP%\cfjff3f.tmp
- %TEMP%\cfjfeb9.tmp
- %TEMP%\cfjfea7.tmp
- %TEMP%\cfjfe97.tmp
- %TEMP%\cfjfe96.tmp
- %TEMP%\cfjfe85.tmp
- %TEMP%\cfjfe74.tmp
- %TEMP%\cfjfe73.tmp
- %TEMP%\cfjfe63.tmp
- %TEMP%\cfjfe52.tmp
- %TEMP%\cfjfea8.tmp
- %TEMP%\cfjffb8.tmp
- %TEMP%\cfj9e.tmp
- %TEMP%\cfjff61.tmp
- %TEMP%\cfj1f.tmp
- %TEMP%\cfje.tmp
- %TEMP%\cfjd.tmp
- %TEMP%\cfjc.tmp
- %TEMP%\cfjfffc.tmp
- %TEMP%\cfjffeb.tmp
- %TEMP%\cfjffdb.tmp
- %TEMP%\cfjffca.tmp
- %TEMP%\cfjfe51.tmp
- %TEMP%\cfjffc9.tmp
- %TEMP%\cfjffa8.tmp
- %TEMP%\cfjffa7.tmp
- %TEMP%\cfjff96.tmp
- %TEMP%\cfjff95.tmp
- %TEMP%\cfjff84.tmp
- %TEMP%\cfjff74.tmp
- %TEMP%\cfjff73.tmp
- %TEMP%\cfjff62.tmp
- %TEMP%\cfjff40.tmp
- %TEMP%\cfjfdb8.tmp
- %TEMP%\cfjfe50.tmp
- %TEMP%\cfjfd50.tmp
- %TEMP%\cfjfd3d.tmp
- %TEMP%\cfjfd2d.tmp
- %TEMP%\cfjfd2c.tmp
- %TEMP%\cfjfd1b.tmp
- %TEMP%\cfjfd0a.tmp
- %TEMP%\cfjfd09.tmp
- %TEMP%\cfjfcf9.tmp
- %TEMP%\cfjfcf8.tmp
- %TEMP%\cfjfd3e.tmp
- %TEMP%\cfjfce7.tmp
- %TEMP%\cfjfcc6.tmp
- %TEMP%\cfjfcc5.tmp
- %TEMP%\cfjfcb4.tmp
- %TEMP%\cfjfcb3.tmp
- %TEMP%\cfjfca3.tmp
- %TEMP%\cfjfca2.tmp
- %TEMP%\cfjfc91.tmp
- %TEMP%\cfjfc80.tmp
- %TEMP%\cfjfce6.tmp
- %TEMP%\cfj30.tmp
- %TEMP%\cfjfe2f.tmp
- %TEMP%\cfjfd60.tmp
- %TEMP%\cfjfe1e.tmp
- %TEMP%\cfjfe0e.tmp
- %TEMP%\cfjfdfd.tmp
- %TEMP%\cfjfdfc.tmp
- %TEMP%\cfjfdeb.tmp
- %TEMP%\cfjfddb.tmp
- %TEMP%\cfjfdda.tmp
- %TEMP%\cfjfdba.tmp
- %TEMP%\cfjfe40.tmp
- %TEMP%\cfjfdb9.tmp
- %TEMP%\cfjfda7.tmp
- %TEMP%\cfjfda6.tmp
- %TEMP%\cfjfd95.tmp
- %TEMP%\cfjfd85.tmp
- %TEMP%\cfjfd84.tmp
- %TEMP%\cfjfd73.tmp
- %TEMP%\cfjfd72.tmp
- %TEMP%\cfjfd61.tmp
- %TEMP%\cfjfd3f.tmp
- %TEMP%\cfj8b0.tmp
Sets the 'hidden' attribute to the following files
- %WINDIR%\1.exe
Moves the following files
- from %TEMP%\cfjf8af.tmp to %ProgramFiles%\kazaa\my shared folder\windows 2003 advanced server keygen.exe
- from %TEMP%\cfj2da.tmp to %ProgramFiles%\emule\incoming\website hacker.exe
- from %TEMP%\cfj330.tmp to %ProgramFiles%\morpheus\my shared folder\ftp cracker.exe
- from %TEMP%\cfj31f.tmp to %ProgramFiles%\morpheus\my shared folder\password cracker.exe
- from %TEMP%\cfj30f.tmp to %ProgramFiles%\morpheus\my shared folder\half-life 2 downloader.exe
- from %TEMP%\cfj30e.tmp to %ProgramFiles%\morpheus\my shared folder\ut 2003 keygen.exe
- from %TEMP%\cfj2fd.tmp to %ProgramFiles%\morpheus\my shared folder\windows 2003 advanced server keygen.exe
- from %TEMP%\cfj2fc.tmp to %ProgramFiles%\emule\incoming\divx 5.0 pro keygen.exe
- from %TEMP%\cfj2eb.tmp to %ProgramFiles%\emule\incoming\counter-strike keygen.exe
- from %TEMP%\cfj2db.tmp to %ProgramFiles%\emule\incoming\ip nuker.exe
- from %TEMP%\cfj2c9.tmp to %ProgramFiles%\emule\incoming\keylogger.exe
- from %TEMP%\cfj332.tmp to %ProgramFiles%\morpheus\my shared folder\hotmail hacker.exe
- from %TEMP%\cfj2c8.tmp to %ProgramFiles%\emule\incoming\aol password cracker.exe
- from %TEMP%\cfj2b7.tmp to %ProgramFiles%\emule\incoming\icq hacker.exe
- from %TEMP%\cfj2b6.tmp to %ProgramFiles%\emule\incoming\aol instant messenger (aim) hacker.exe
- from %TEMP%\cfj2a6.tmp to %ProgramFiles%\emule\incoming\msn password cracker.exe
- from %TEMP%\cfj295.tmp to %ProgramFiles%\emule\incoming\microsoft visual studio keygen.exe
- from %TEMP%\cfj294.tmp to %ProgramFiles%\emule\incoming\microsoft visual basic keygen.exe
- from %TEMP%\cfj1f9.tmp to %ProgramFiles%\emule\incoming\password cracker.exe
- from %TEMP%\cfj342.tmp to %ProgramFiles%\morpheus\my shared folder\hotmail cracker.exe
- from %TEMP%\cfj411.tmp to %ProgramFiles%\morpheus\my shared folder\ip nuker.exe
- from %TEMP%\cfj3ba.tmp to %ProgramFiles%\morpheus\my shared folder\microsoft visual c++ keygen.exe
- from %TEMP%\cfj3ca.tmp to %ProgramFiles%\morpheus\my shared folder\microsoft visual basic keygen.exe
- from %TEMP%\cfj410.tmp to %ProgramFiles%\morpheus\my shared folder\website hacker.exe
- from %TEMP%\cfj3ff.tmp to %ProgramFiles%\morpheus\my shared folder\keylogger.exe
- from %TEMP%\cfj3fe.tmp to %ProgramFiles%\morpheus\my shared folder\aol password cracker.exe
- from %TEMP%\cfj3ee.tmp to %ProgramFiles%\morpheus\my shared folder\icq hacker.exe
- from %TEMP%\cfj3ed.tmp to %ProgramFiles%\morpheus\my shared folder\aol instant messenger (aim) hacker.exe
- from %TEMP%\cfj3dc.tmp to %ProgramFiles%\morpheus\my shared folder\msn password cracker.exe
- from %TEMP%\cfj3db.tmp to %ProgramFiles%\morpheus\my shared folder\microsoft visual studio keygen.exe
- from %TEMP%\cfj284.tmp to %ProgramFiles%\emule\incoming\microsoft visual c++ keygen.exe
- from %TEMP%\cfj283.tmp to %ProgramFiles%\emule\incoming\sub7 2.3 private.exe
- from %TEMP%\cfj353.tmp to %ProgramFiles%\morpheus\my shared folder\windows.vista.32.bit.crack.by.reloaded.exe
- from %TEMP%\cfj3b8.tmp to %ProgramFiles%\morpheus\my shared folder\sdbot with netbios spread.exe
- from %TEMP%\cfj3a7.tmp to %ProgramFiles%\morpheus\my shared folder\l0pht 4.0 windows password cracker.exe
- from %TEMP%\cfj397.tmp to %ProgramFiles%\morpheus\my shared folder\windows password cracker.exe
- from %TEMP%\cfj386.tmp to %ProgramFiles%\morpheus\my shared folder\netbios cracker.exe
- from %TEMP%\cfj375.tmp to %ProgramFiles%\morpheus\my shared folder\netbios hacker.exe
- from %TEMP%\cfj374.tmp to %ProgramFiles%\morpheus\my shared folder\dcom exploit.exe
- from %TEMP%\cfj354.tmp to %ProgramFiles%\morpheus\my shared folder\norton anti-virus 2008 enterprise crack.exe
- from %TEMP%\cfj3b9.tmp to %ProgramFiles%\morpheus\my shared folder\sub7 2.3 private.exe
- from %TEMP%\cfj331.tmp to %ProgramFiles%\morpheus\my shared folder\brutus ftp cracker.exe
- from %TEMP%\cfj262.tmp to %ProgramFiles%\emule\incoming\sdbot with netbios spread.exe
- from %TEMP%\cfj261.tmp to %ProgramFiles%\emule\incoming\l0pht 4.0 windows password cracker.exe
- from %TEMP%\cfj422.tmp to %ProgramFiles%\morpheus\my shared folder\counter-strike keygen.exe
- from %TEMP%\cfj108.tmp to %ProgramFiles%\edonkey2000\incoming\dcom exploit.exe
- from %TEMP%\cfj16e.tmp to %ProgramFiles%\edonkey2000\incoming\microsoft visual basic keygen.exe
- from %TEMP%\cfj15d.tmp to %ProgramFiles%\edonkey2000\incoming\microsoft visual c++ keygen.exe
- from %TEMP%\cfj14c.tmp to %ProgramFiles%\edonkey2000\incoming\sub7 2.3 private.exe
- from %TEMP%\cfj13c.tmp to %ProgramFiles%\edonkey2000\incoming\sdbot with netbios spread.exe
- from %TEMP%\cfj13b.tmp to %ProgramFiles%\edonkey2000\incoming\l0pht 4.0 windows password cracker.exe
- from %TEMP%\cfj12a.tmp to %ProgramFiles%\edonkey2000\incoming\windows password cracker.exe
- from %TEMP%\cfj190.tmp to %ProgramFiles%\edonkey2000\incoming\aol instant messenger (aim) hacker.exe
- from %TEMP%\cfj129.tmp to %ProgramFiles%\edonkey2000\incoming\netbios cracker.exe
- from %TEMP%\cfj118.tmp to %ProgramFiles%\edonkey2000\incoming\netbios hacker.exe
- from %TEMP%\cfj107.tmp to %ProgramFiles%\edonkey2000\incoming\norton anti-virus 2008 enterprise crack.exe
- from %TEMP%\cfj106.tmp to %ProgramFiles%\edonkey2000\incoming\windows.vista.32.bit.crack.by.reloaded.exe
- from %TEMP%\cfjf5.tmp to %ProgramFiles%\edonkey2000\incoming\hotmail cracker.exe
- from %TEMP%\cfje5.tmp to %ProgramFiles%\edonkey2000\incoming\hotmail hacker.exe
- from %TEMP%\cfje4.tmp to %ProgramFiles%\edonkey2000\incoming\brutus ftp cracker.exe
- from %TEMP%\cfjd3.tmp to %ProgramFiles%\edonkey2000\incoming\ftp cracker.exe
- from %TEMP%\cfjd2.tmp to %ProgramFiles%\edonkey2000\incoming\password cracker.exe
- from %TEMP%\cfj17f.tmp to %ProgramFiles%\edonkey2000\incoming\msn password cracker.exe
- from %TEMP%\cfjc0.tmp to %ProgramFiles%\edonkey2000\incoming\ut 2003 keygen.exe
- from %TEMP%\cfj1a1.tmp to %ProgramFiles%\edonkey2000\incoming\aol password cracker.exe
- from %TEMP%\cfj1b3.tmp to %ProgramFiles%\edonkey2000\incoming\website hacker.exe
- from %TEMP%\cfj260.tmp to %ProgramFiles%\emule\incoming\windows password cracker.exe
- from %TEMP%\cfj191.tmp to %ProgramFiles%\edonkey2000\incoming\icq hacker.exe
- from %TEMP%\cfj250.tmp to %ProgramFiles%\emule\incoming\netbios cracker.exe
- from %TEMP%\cfj24f.tmp to %ProgramFiles%\emule\incoming\netbios hacker.exe
- from %TEMP%\cfj23e.tmp to %ProgramFiles%\emule\incoming\dcom exploit.exe
- from %TEMP%\cfj23d.tmp to %ProgramFiles%\emule\incoming\norton anti-virus 2008 enterprise crack.exe
- from %TEMP%\cfj22c.tmp to %ProgramFiles%\emule\incoming\windows.vista.32.bit.crack.by.reloaded.exe
- from %TEMP%\cfj21c.tmp to %ProgramFiles%\emule\incoming\hotmail cracker.exe
- from %TEMP%\cfj1a2.tmp to %ProgramFiles%\edonkey2000\incoming\keylogger.exe
- from %TEMP%\cfj21b.tmp to %ProgramFiles%\emule\incoming\hotmail hacker.exe
- from %TEMP%\cfj209.tmp to %ProgramFiles%\emule\incoming\ftp cracker.exe
- from %TEMP%\cfj17e.tmp to %ProgramFiles%\edonkey2000\incoming\microsoft visual studio keygen.exe
- from %TEMP%\cfj1f8.tmp to %ProgramFiles%\emule\incoming\half-life 2 downloader.exe
- from %TEMP%\cfj1e7.tmp to %ProgramFiles%\emule\incoming\ut 2003 keygen.exe
- from %TEMP%\cfj1d6.tmp to %ProgramFiles%\emule\incoming\windows 2003 advanced server keygen.exe
- from %TEMP%\cfj1d5.tmp to %ProgramFiles%\edonkey2000\incoming\divx 5.0 pro keygen.exe
- from %TEMP%\cfj1c5.tmp to %ProgramFiles%\edonkey2000\incoming\counter-strike keygen.exe
- from %TEMP%\cfj1c4.tmp to %ProgramFiles%\edonkey2000\incoming\ip nuker.exe
- from %TEMP%\cfj21a.tmp to %ProgramFiles%\emule\incoming\brutus ftp cracker.exe
- from %TEMP%\cfjc1.tmp to %ProgramFiles%\edonkey2000\incoming\half-life 2 downloader.exe
- from %TEMP%\cfj432.tmp to %ProgramFiles%\morpheus\my shared folder\divx 5.0 pro keygen.exe
- from %TEMP%\cfj48b.tmp to %ProgramFiles%\limewire\shared\dcom exploit.exe
- from %TEMP%\cfj750.tmp to %ProgramFiles%\winmx\shared\ftp cracker.exe
- from %TEMP%\cfj73f.tmp to %ProgramFiles%\winmx\shared\password cracker.exe
- from %TEMP%\cfj72e.tmp to %ProgramFiles%\winmx\shared\half-life 2 downloader.exe
- from %TEMP%\cfj71e.tmp to %ProgramFiles%\winmx\shared\ut 2003 keygen.exe
- from %TEMP%\cfj71d.tmp to %ProgramFiles%\winmx\shared\windows 2003 advanced server keygen.exe
- from %TEMP%\cfj70c.tmp to %ProgramFiles%\tesla\files\divx 5.0 pro keygen.exe
- from %TEMP%\cfj6fb.tmp to %ProgramFiles%\tesla\files\counter-strike keygen.exe
- from %TEMP%\cfj6eb.tmp to %ProgramFiles%\tesla\files\ip nuker.exe
- from %TEMP%\cfj6ca.tmp to %ProgramFiles%\tesla\files\keylogger.exe
- from %TEMP%\cfj771.tmp to %ProgramFiles%\winmx\shared\hotmail hacker.exe
- from %TEMP%\cfj6b9.tmp to %ProgramFiles%\tesla\files\aol password cracker.exe
- from %TEMP%\cfj6a8.tmp to %ProgramFiles%\tesla\files\icq hacker.exe
- from %TEMP%\cfj698.tmp to %ProgramFiles%\tesla\files\aol instant messenger (aim) hacker.exe
- from %TEMP%\cfj687.tmp to %ProgramFiles%\tesla\files\msn password cracker.exe
- from %TEMP%\cfj676.tmp to %ProgramFiles%\tesla\files\microsoft visual studio keygen.exe
- from %TEMP%\cfj675.tmp to %ProgramFiles%\tesla\files\microsoft visual basic keygen.exe
- from %TEMP%\cfj665.tmp to %ProgramFiles%\tesla\files\microsoft visual c++ keygen.exe
- from %TEMP%\cfj6da.tmp to %ProgramFiles%\tesla\files\website hacker.exe
- from %TEMP%\cfj633.tmp to %ProgramFiles%\tesla\files\l0pht 4.0 windows password cracker.exe
- from %TEMP%\cfj781.tmp to %ProgramFiles%\winmx\shared\hotmail cracker.exe
- from %TEMP%\cfj88e.tmp to %ProgramFiles%\winmx\shared\ip nuker.exe
- from %TEMP%\cfj87e.tmp to %ProgramFiles%\winmx\shared\website hacker.exe
- from %TEMP%\cfj86d.tmp to %ProgramFiles%\winmx\shared\keylogger.exe
- from %TEMP%\cfj86c.tmp to %ProgramFiles%\winmx\shared\aol password cracker.exe
- from %TEMP%\cfj85c.tmp to %ProgramFiles%\winmx\shared\icq hacker.exe
- from %TEMP%\cfj84b.tmp to %ProgramFiles%\winmx\shared\aol instant messenger (aim) hacker.exe
- from %TEMP%\cfj84a.tmp to %ProgramFiles%\winmx\shared\msn password cracker.exe
- from %TEMP%\cfj839.tmp to %ProgramFiles%\winmx\shared\microsoft visual studio keygen.exe
- from %TEMP%\cfj654.tmp to %ProgramFiles%\tesla\files\sub7 2.3 private.exe
- from %TEMP%\cfj760.tmp to %ProgramFiles%\winmx\shared\brutus ftp cracker.exe
- from %TEMP%\cfj817.tmp to %ProgramFiles%\winmx\shared\sub7 2.3 private.exe
- from %TEMP%\cfj816.tmp to %ProgramFiles%\winmx\shared\sdbot with netbios spread.exe
- from %TEMP%\cfj805.tmp to %ProgramFiles%\winmx\shared\l0pht 4.0 windows password cracker.exe
- from %TEMP%\cfj7f5.tmp to %ProgramFiles%\winmx\shared\windows password cracker.exe
- from %TEMP%\cfj7f4.tmp to %ProgramFiles%\winmx\shared\netbios cracker.exe
- from %TEMP%\cfj7e3.tmp to %ProgramFiles%\winmx\shared\netbios hacker.exe
- from %TEMP%\cfj7d3.tmp to %ProgramFiles%\winmx\shared\dcom exploit.exe
- from %TEMP%\cfj7a3.tmp to %ProgramFiles%\winmx\shared\norton anti-virus 2008 enterprise crack.exe
- from %TEMP%\cfj828.tmp to %ProgramFiles%\winmx\shared\microsoft visual c++ keygen.exe
- from %TEMP%\cfj782.tmp to %ProgramFiles%\winmx\shared\windows.vista.32.bit.crack.by.reloaded.exe
- from %TEMP%\cfj653.tmp to %ProgramFiles%\tesla\files\sdbot with netbios spread.exe
- from %TEMP%\cfj632.tmp to %ProgramFiles%\tesla\files\windows password cracker.exe
- from %TEMP%\cfjfdb9.tmp to %ProgramFiles%\grokster\my grokster\half-life 2 downloader.exe
- from %TEMP%\cfj4ac.tmp to %ProgramFiles%\limewire\shared\netbios hacker.exe
- from %TEMP%\cfj4f1.tmp to %ProgramFiles%\limewire\shared\microsoft visual basic keygen.exe
- from %TEMP%\cfj4e0.tmp to %ProgramFiles%\limewire\shared\microsoft visual c++ keygen.exe
- from %TEMP%\cfj4df.tmp to %ProgramFiles%\limewire\shared\sub7 2.3 private.exe
- from %TEMP%\cfj4cf.tmp to %ProgramFiles%\limewire\shared\sdbot with netbios spread.exe
- from %TEMP%\cfj4ce.tmp to %ProgramFiles%\limewire\shared\l0pht 4.0 windows password cracker.exe
- from %TEMP%\cfj4bd.tmp to %ProgramFiles%\limewire\shared\windows password cracker.exe
- from %TEMP%\cfj4ad.tmp to %ProgramFiles%\limewire\shared\netbios cracker.exe
- from %TEMP%\cfj4f2.tmp to %ProgramFiles%\limewire\shared\microsoft visual studio keygen.exe
- from %TEMP%\cfj503.tmp to %ProgramFiles%\limewire\shared\msn password cracker.exe
- from %TEMP%\cfj433.tmp to %ProgramFiles%\limewire\shared\windows 2003 advanced server keygen.exe
- from %TEMP%\cfj47a.tmp to %ProgramFiles%\limewire\shared\windows.vista.32.bit.crack.by.reloaded.exe
- from %TEMP%\cfj479.tmp to %ProgramFiles%\limewire\shared\hotmail cracker.exe
- from %TEMP%\cfj468.tmp to %ProgramFiles%\limewire\shared\hotmail hacker.exe
- from %TEMP%\cfj467.tmp to %ProgramFiles%\limewire\shared\brutus ftp cracker.exe
- from %TEMP%\cfj456.tmp to %ProgramFiles%\limewire\shared\ftp cracker.exe
- from %TEMP%\cfj455.tmp to %ProgramFiles%\limewire\shared\password cracker.exe
- from %TEMP%\cfj445.tmp to %ProgramFiles%\limewire\shared\half-life 2 downloader.exe
- from %TEMP%\cfj48a.tmp to %ProgramFiles%\limewire\shared\norton anti-virus 2008 enterprise crack.exe
- from %TEMP%\cfj434.tmp to %ProgramFiles%\limewire\shared\ut 2003 keygen.exe
- from %TEMP%\cfj504.tmp to %ProgramFiles%\limewire\shared\aol instant messenger (aim) hacker.exe
- from %TEMP%\cfj5ab.tmp to %ProgramFiles%\tesla\files\password cracker.exe
- from %TEMP%\cfj5bc.tmp to %ProgramFiles%\tesla\files\ftp cracker.exe
- from %TEMP%\cfj611.tmp to %ProgramFiles%\tesla\files\netbios hacker.exe
- from %TEMP%\cfj610.tmp to %ProgramFiles%\tesla\files\dcom exploit.exe
- from %TEMP%\cfj5ff.tmp to %ProgramFiles%\tesla\files\norton anti-virus 2008 enterprise crack.exe
- from %TEMP%\cfj5fe.tmp to %ProgramFiles%\tesla\files\windows.vista.32.bit.crack.by.reloaded.exe
- from %TEMP%\cfj5de.tmp to %ProgramFiles%\tesla\files\hotmail cracker.exe
- from %TEMP%\cfj5dd.tmp to %ProgramFiles%\tesla\files\hotmail hacker.exe
- from %TEMP%\cfj5cc.tmp to %ProgramFiles%\tesla\files\brutus ftp cracker.exe
- from %TEMP%\cfj621.tmp to %ProgramFiles%\tesla\files\netbios cracker.exe
- from %TEMP%\cfj514.tmp to %ProgramFiles%\limewire\shared\icq hacker.exe
- from %TEMP%\cfj525.tmp to %ProgramFiles%\limewire\shared\aol password cracker.exe
- from %TEMP%\cfj58a.tmp to %ProgramFiles%\tesla\files\ut 2003 keygen.exe
- from %TEMP%\cfj55a.tmp to %ProgramFiles%\tesla\files\windows 2003 advanced server keygen.exe
- from %TEMP%\cfj559.tmp to %ProgramFiles%\limewire\shared\divx 5.0 pro keygen.exe
- from %TEMP%\cfj548.tmp to %ProgramFiles%\limewire\shared\counter-strike keygen.exe
- from %TEMP%\cfj547.tmp to %ProgramFiles%\limewire\shared\ip nuker.exe
- from %TEMP%\cfj527.tmp to %ProgramFiles%\limewire\shared\website hacker.exe
- from %TEMP%\cfj526.tmp to %ProgramFiles%\limewire\shared\keylogger.exe
- from %TEMP%\cfj59a.tmp to %ProgramFiles%\tesla\files\half-life 2 downloader.exe
- from %TEMP%\cfjb0.tmp to %ProgramFiles%\edonkey2000\incoming\windows 2003 advanced server keygen.exe
- from %TEMP%\cfjaf.tmp to %ProgramFiles%\bearshare\shared\divx 5.0 pro keygen.exe
- from %TEMP%\cfj9e.tmp to %ProgramFiles%\bearshare\shared\counter-strike keygen.exe
- from %TEMP%\cfjfb6b.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\half-life 2 downloader.exe
- from %TEMP%\cfjfb5b.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\ut 2003 keygen.exe
- from %TEMP%\cfjfb4a.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\windows 2003 advanced server keygen.exe
- from %TEMP%\cfjfb49.tmp to %ProgramFiles%\kazaa lite\my shared folder\divx 5.0 pro keygen.exe
- from %TEMP%\cfjfb38.tmp to %ProgramFiles%\kazaa lite\my shared folder\counter-strike keygen.exe
- from %TEMP%\cfjfb28.tmp to %ProgramFiles%\kazaa lite\my shared folder\ip nuker.exe
- from %TEMP%\cfjfb17.tmp to %ProgramFiles%\kazaa lite\my shared folder\website hacker.exe
- from %TEMP%\cfjfb16.tmp to %ProgramFiles%\kazaa lite\my shared folder\keylogger.exe
- from %TEMP%\cfjfb05.tmp to %ProgramFiles%\kazaa lite\my shared folder\icq hacker.exe
- from %TEMP%\cfjfb8f.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\hotmail hacker.exe
- from %TEMP%\cfjfaf4.tmp to %ProgramFiles%\kazaa lite\my shared folder\aol instant messenger (aim) hacker.exe
- from %TEMP%\cfjfaf3.tmp to %ProgramFiles%\kazaa lite\my shared folder\msn password cracker.exe
- from %TEMP%\cfjfae2.tmp to %ProgramFiles%\kazaa lite\my shared folder\microsoft visual studio keygen.exe
- from %TEMP%\cfjfae1.tmp to %ProgramFiles%\kazaa lite\my shared folder\microsoft visual basic keygen.exe
- from %TEMP%\cfjfad1.tmp to %ProgramFiles%\kazaa lite\my shared folder\microsoft visual c++ keygen.exe
- from %TEMP%\cfjfad0.tmp to %ProgramFiles%\kazaa lite\my shared folder\sub7 2.3 private.exe
- from %TEMP%\cfjfb7d.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\ftp cracker.exe
- from %TEMP%\cfjfb15.tmp to %ProgramFiles%\kazaa lite\my shared folder\aol password cracker.exe
- from %TEMP%\cfjfc7e.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\counter-strike keygen.exe
- from %TEMP%\cfjfb90.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\hotmail cracker.exe
- from %TEMP%\cfjfc5c.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\keylogger.exe
- from %TEMP%\cfjfc4b.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\aol password cracker.exe
- from %TEMP%\cfjfc4a.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\icq hacker.exe
- from %TEMP%\cfjfc3a.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\aol instant messenger (aim) hacker.exe
- from %TEMP%\cfjfc29.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\msn password cracker.exe
- from %TEMP%\cfjfc28.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\microsoft visual studio keygen.exe
- from %TEMP%\cfjfc18.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\microsoft visual basic keygen.exe
- from %TEMP%\cfjfabf.tmp to %ProgramFiles%\kazaa lite\my shared folder\sdbot with netbios spread.exe
- from %TEMP%\cfjfc17.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\microsoft visual c++ keygen.exe
- from %TEMP%\cfjfb7e.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\brutus ftp cracker.exe
- from %TEMP%\cfjfbe5.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\l0pht 4.0 windows password cracker.exe
- from %TEMP%\cfjfbe4.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\windows password cracker.exe
- from %TEMP%\cfjfbd3.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\netbios cracker.exe
- from %TEMP%\cfjfbc2.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\netbios hacker.exe
- from %TEMP%\cfjfbc1.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\dcom exploit.exe
- from %TEMP%\cfjfbb1.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\norton anti-virus 2008 enterprise crack.exe
- from %TEMP%\cfjfba0.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\windows.vista.32.bit.crack.by.reloaded.exe
- from %TEMP%\cfjfc06.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\sub7 2.3 private.exe
- from %TEMP%\cfjfa9f.tmp to %ProgramFiles%\kazaa lite\my shared folder\l0pht 4.0 windows password cracker.exe
- from %TEMP%\cfjfc5d.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\website hacker.exe
- from %TEMP%\cfjfa8e.tmp to %ProgramFiles%\kazaa lite\my shared folder\windows password cracker.exe
- from %TEMP%\cfjfa7e.tmp to %ProgramFiles%\kazaa lite\my shared folder\netbios cracker.exe
- from %TEMP%\cfjf96d.tmp to %ProgramFiles%\kazaa\my shared folder\microsoft visual basic keygen.exe
- from %TEMP%\cfjfc6e.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\ip nuker.exe
- from %TEMP%\cfjf95b.tmp to %ProgramFiles%\kazaa\my shared folder\sub7 2.3 private.exe
- from %TEMP%\cfjf95a.tmp to %ProgramFiles%\kazaa\my shared folder\sdbot with netbios spread.exe
- from %TEMP%\cfjf949.tmp to %ProgramFiles%\kazaa\my shared folder\l0pht 4.0 windows password cracker.exe
- from %TEMP%\cfjf939.tmp to %ProgramFiles%\kazaa\my shared folder\windows password cracker.exe
- from %TEMP%\cfjf928.tmp to %ProgramFiles%\kazaa\my shared folder\netbios cracker.exe
- from %TEMP%\cfjf927.tmp to %ProgramFiles%\kazaa\my shared folder\netbios hacker.exe
- from %TEMP%\cfjf97d.tmp to %ProgramFiles%\kazaa\my shared folder\microsoft visual studio keygen.exe
- from %TEMP%\cfjf98e.tmp to %ProgramFiles%\kazaa\my shared folder\msn password cracker.exe
- from %TEMP%\cfjf926.tmp to %ProgramFiles%\kazaa\my shared folder\dcom exploit.exe
- from %TEMP%\cfjf904.tmp to %ProgramFiles%\kazaa\my shared folder\hotmail cracker.exe
- from %TEMP%\cfjf8f3.tmp to %ProgramFiles%\kazaa\my shared folder\hotmail hacker.exe
- from %TEMP%\cfjf8e3.tmp to %ProgramFiles%\kazaa\my shared folder\brutus ftp cracker.exe
- from %TEMP%\cfjf8d2.tmp to %ProgramFiles%\kazaa\my shared folder\ftp cracker.exe
- from %TEMP%\cfjf8d1.tmp to %ProgramFiles%\kazaa\my shared folder\password cracker.exe
- from %TEMP%\cfjf8c0.tmp to %ProgramFiles%\kazaa\my shared folder\half-life 2 downloader.exe
- from %TEMP%\cfjf8bf.tmp to %ProgramFiles%\kazaa\my shared folder\ut 2003 keygen.exe
- from %TEMP%\cfjf915.tmp to %ProgramFiles%\kazaa\my shared folder\norton anti-virus 2008 enterprise crack.exe
- from %TEMP%\cfjf905.tmp to %ProgramFiles%\kazaa\my shared folder\windows.vista.32.bit.crack.by.reloaded.exe
- from %TEMP%\cfjfbf5.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\sdbot with netbios spread.exe
- from %TEMP%\cfjf990.tmp to %ProgramFiles%\kazaa\my shared folder\icq hacker.exe
- from %TEMP%\cfjfa06.tmp to %ProgramFiles%\kazaa lite\my shared folder\half-life 2 downloader.exe
- from %TEMP%\cfjfa17.tmp to %ProgramFiles%\kazaa lite\my shared folder\password cracker.exe
- from %TEMP%\cfjfa6c.tmp to %ProgramFiles%\kazaa lite\my shared folder\dcom exploit.exe
- from %TEMP%\cfjfa5b.tmp to %ProgramFiles%\kazaa lite\my shared folder\norton anti-virus 2008 enterprise crack.exe
- from %TEMP%\cfjfa4b.tmp to %ProgramFiles%\kazaa lite\my shared folder\windows.vista.32.bit.crack.by.reloaded.exe
- from %TEMP%\cfjfa4a.tmp to %ProgramFiles%\kazaa lite\my shared folder\hotmail cracker.exe
- from %TEMP%\cfjfa39.tmp to %ProgramFiles%\kazaa lite\my shared folder\hotmail hacker.exe
- from %TEMP%\cfjfa28.tmp to %ProgramFiles%\kazaa lite\my shared folder\brutus ftp cracker.exe
- from %TEMP%\cfjfa27.tmp to %ProgramFiles%\kazaa lite\my shared folder\ftp cracker.exe
- from %TEMP%\cfjfa7d.tmp to %ProgramFiles%\kazaa lite\my shared folder\netbios hacker.exe
- from %TEMP%\cfjf98f.tmp to %ProgramFiles%\kazaa\my shared folder\aol instant messenger (aim) hacker.exe
- from %TEMP%\cfjf96c.tmp to %ProgramFiles%\kazaa\my shared folder\microsoft visual c++ keygen.exe
- from %TEMP%\cfjf9f5.tmp to %ProgramFiles%\kazaa lite\my shared folder\windows 2003 advanced server keygen.exe
- from %TEMP%\cfjf9f4.tmp to %ProgramFiles%\kazaa\my shared folder\divx 5.0 pro keygen.exe
- from %TEMP%\cfjf9d3.tmp to %ProgramFiles%\kazaa\my shared folder\counter-strike keygen.exe
- from %TEMP%\cfjf9c3.tmp to %ProgramFiles%\kazaa\my shared folder\ip nuker.exe
- from %TEMP%\cfjf9b2.tmp to %ProgramFiles%\kazaa\my shared folder\website hacker.exe
- from %TEMP%\cfjf9a1.tmp to %ProgramFiles%\kazaa\my shared folder\keylogger.exe
- from %TEMP%\cfjf9a0.tmp to %ProgramFiles%\kazaa\my shared folder\aol password cracker.exe
- from %TEMP%\cfjfa05.tmp to %ProgramFiles%\kazaa lite\my shared folder\ut 2003 keygen.exe
- from %TEMP%\cfjfb6c.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\password cracker.exe
- from %TEMP%\cfjfc7f.tmp to %ProgramFiles%\kazaa lite k++\my shared folder\divx 5.0 pro keygen.exe
- from %TEMP%\cfjff3f.tmp to %ProgramFiles%\bearshare\shared\ftp cracker.exe
- from %TEMP%\cfjfeca.tmp to %ProgramFiles%\grokster\my grokster\website hacker.exe
- from %TEMP%\cfjff2e.tmp to %ProgramFiles%\bearshare\shared\password cracker.exe
- from %TEMP%\cfjff1e.tmp to %ProgramFiles%\bearshare\shared\half-life 2 downloader.exe
- from %TEMP%\cfjff1d.tmp to %ProgramFiles%\bearshare\shared\ut 2003 keygen.exe
- from %TEMP%\cfjfeed.tmp to %ProgramFiles%\bearshare\shared\windows 2003 advanced server keygen.exe
- from %TEMP%\cfjfedc.tmp to %ProgramFiles%\grokster\my grokster\divx 5.0 pro keygen.exe
- from %TEMP%\cfjfedb.tmp to %ProgramFiles%\grokster\my grokster\counter-strike keygen.exe
- from %TEMP%\cfjfeda.tmp to %ProgramFiles%\grokster\my grokster\ip nuker.exe
- from %TEMP%\cfjfc80.tmp to %ProgramFiles%\icq\shared folder\windows 2003 advanced server keygen.exe
- from %TEMP%\cfjff40.tmp to %ProgramFiles%\bearshare\shared\brutus ftp cracker.exe
- from %TEMP%\cfjfe52.tmp to %ProgramFiles%\grokster\my grokster\sdbot with netbios spread.exe
- from %TEMP%\cfjfea7.tmp to %ProgramFiles%\grokster\my grokster\icq hacker.exe
- from %TEMP%\cfjfe97.tmp to %ProgramFiles%\grokster\my grokster\aol instant messenger (aim) hacker.exe
- from %TEMP%\cfjfe96.tmp to %ProgramFiles%\grokster\my grokster\msn password cracker.exe
- from %TEMP%\cfjfe85.tmp to %ProgramFiles%\grokster\my grokster\microsoft visual studio keygen.exe
- from %TEMP%\cfjfe74.tmp to %ProgramFiles%\grokster\my grokster\microsoft visual basic keygen.exe
- from %TEMP%\cfjfe73.tmp to %ProgramFiles%\grokster\my grokster\microsoft visual c++ keygen.exe
- from %TEMP%\cfjfe63.tmp to %ProgramFiles%\grokster\my grokster\sub7 2.3 private.exe
- from %TEMP%\cfjfea8.tmp to %ProgramFiles%\grokster\my grokster\aol password cracker.exe
- from %TEMP%\cfjfeb9.tmp to %ProgramFiles%\grokster\my grokster\keylogger.exe
- from %TEMP%\cfjff51.tmp to %ProgramFiles%\bearshare\shared\hotmail hacker.exe
- from %TEMP%\cfjffc9.tmp to %ProgramFiles%\bearshare\shared\microsoft visual c++ keygen.exe
- from %TEMP%\cfjffca.tmp to %ProgramFiles%\bearshare\shared\microsoft visual basic keygen.exe
- from %TEMP%\cfj1f.tmp to %ProgramFiles%\bearshare\shared\website hacker.exe
- from %TEMP%\cfje.tmp to %ProgramFiles%\bearshare\shared\keylogger.exe
- from %TEMP%\cfjd.tmp to %ProgramFiles%\bearshare\shared\aol password cracker.exe
- from %TEMP%\cfjc.tmp to %ProgramFiles%\bearshare\shared\icq hacker.exe
- from %TEMP%\cfjfffc.tmp to %ProgramFiles%\bearshare\shared\aol instant messenger (aim) hacker.exe
- from %TEMP%\cfjffeb.tmp to %ProgramFiles%\bearshare\shared\msn password cracker.exe
- from %TEMP%\cfjffdb.tmp to %ProgramFiles%\bearshare\shared\microsoft visual studio keygen.exe
- from %TEMP%\cfj30.tmp to %ProgramFiles%\bearshare\shared\ip nuker.exe
- from %TEMP%\cfjff61.tmp to %ProgramFiles%\bearshare\shared\hotmail cracker.exe
- from %TEMP%\cfjff62.tmp to %ProgramFiles%\bearshare\shared\windows.vista.32.bit.crack.by.reloaded.exe
- from %TEMP%\cfjffa8.tmp to %ProgramFiles%\bearshare\shared\sdbot with netbios spread.exe
- from %TEMP%\cfjffa7.tmp to %ProgramFiles%\bearshare\shared\l0pht 4.0 windows password cracker.exe
- from %TEMP%\cfjff96.tmp to %ProgramFiles%\bearshare\shared\windows password cracker.exe
- from %TEMP%\cfjff95.tmp to %ProgramFiles%\bearshare\shared\netbios cracker.exe
- from %TEMP%\cfjff84.tmp to %ProgramFiles%\bearshare\shared\netbios hacker.exe
- from %TEMP%\cfjff74.tmp to %ProgramFiles%\bearshare\shared\dcom exploit.exe
- from %TEMP%\cfjff73.tmp to %ProgramFiles%\bearshare\shared\norton anti-virus 2008 enterprise crack.exe
- from %TEMP%\cfjffb8.tmp to %ProgramFiles%\bearshare\shared\sub7 2.3 private.exe
- from %TEMP%\cfj829.tmp to %ProgramFiles%\winmx\shared\microsoft visual basic keygen.exe
- from %TEMP%\cfj89f.tmp to %ProgramFiles%\winmx\shared\counter-strike keygen.exe
- from %TEMP%\cfjfe40.tmp to %ProgramFiles%\grokster\my grokster\netbios cracker.exe
- from %TEMP%\cfjfce7.tmp to %ProgramFiles%\icq\shared folder\norton anti-virus 2008 enterprise crack.exe
- from %TEMP%\cfjfd3d.tmp to %ProgramFiles%\icq\shared folder\microsoft visual c++ keygen.exe
- from %TEMP%\cfjfd2d.tmp to %ProgramFiles%\icq\shared folder\sub7 2.3 private.exe
- from %TEMP%\cfjfd2c.tmp to %ProgramFiles%\icq\shared folder\sdbot with netbios spread.exe
- from %TEMP%\cfjfd1b.tmp to %ProgramFiles%\icq\shared folder\l0pht 4.0 windows password cracker.exe
- from %TEMP%\cfjfd0a.tmp to %ProgramFiles%\icq\shared folder\windows password cracker.exe
- from %TEMP%\cfjfd09.tmp to %ProgramFiles%\icq\shared folder\netbios cracker.exe
- from %TEMP%\cfjfcf9.tmp to %ProgramFiles%\icq\shared folder\netbios hacker.exe
- from %TEMP%\cfjfe50.tmp to %ProgramFiles%\grokster\my grokster\windows password cracker.exe
- from %TEMP%\cfjfd3f.tmp to %ProgramFiles%\icq\shared folder\microsoft visual studio keygen.exe
- from %TEMP%\cfjfce6.tmp to %ProgramFiles%\icq\shared folder\windows.vista.32.bit.crack.by.reloaded.exe
- from %TEMP%\cfjfcc6.tmp to %ProgramFiles%\icq\shared folder\hotmail cracker.exe
- from %TEMP%\cfjfcc5.tmp to %ProgramFiles%\icq\shared folder\hotmail hacker.exe
- from %TEMP%\cfjfcb4.tmp to %ProgramFiles%\icq\shared folder\brutus ftp cracker.exe
- from %TEMP%\cfjfcb3.tmp to %ProgramFiles%\icq\shared folder\ftp cracker.exe
- from %TEMP%\cfjfca3.tmp to %ProgramFiles%\icq\shared folder\password cracker.exe
- from %TEMP%\cfjfca2.tmp to %ProgramFiles%\icq\shared folder\half-life 2 downloader.exe
- from %TEMP%\cfjfc91.tmp to %ProgramFiles%\icq\shared folder\ut 2003 keygen.exe
- from %TEMP%\cfjfcf8.tmp to %ProgramFiles%\icq\shared folder\dcom exploit.exe
- from %TEMP%\cfjfe51.tmp to %ProgramFiles%\grokster\my grokster\l0pht 4.0 windows password cracker.exe
- from %TEMP%\cfjfd50.tmp to %ProgramFiles%\icq\shared folder\msn password cracker.exe
- from %TEMP%\cfjfd72.tmp to %ProgramFiles%\icq\shared folder\aol password cracker.exe
- from %TEMP%\cfjfd60.tmp to %ProgramFiles%\icq\shared folder\aol instant messenger (aim) hacker.exe
- from %TEMP%\cfjfe2f.tmp to %ProgramFiles%\grokster\my grokster\netbios hacker.exe
- from %TEMP%\cfjfe1e.tmp to %ProgramFiles%\grokster\my grokster\dcom exploit.exe
- from %TEMP%\cfjfe0e.tmp to %ProgramFiles%\grokster\my grokster\norton anti-virus 2008 enterprise crack.exe
- from %TEMP%\cfjfdfd.tmp to %ProgramFiles%\grokster\my grokster\windows.vista.32.bit.crack.by.reloaded.exe
- from %TEMP%\cfjfdfc.tmp to %ProgramFiles%\grokster\my grokster\hotmail cracker.exe
- from %TEMP%\cfjfdeb.tmp to %ProgramFiles%\grokster\my grokster\hotmail hacker.exe
- from %TEMP%\cfjfddb.tmp to %ProgramFiles%\grokster\my grokster\brutus ftp cracker.exe
- from %TEMP%\cfjfd61.tmp to %ProgramFiles%\icq\shared folder\icq hacker.exe
- from %TEMP%\cfjfdda.tmp to %ProgramFiles%\grokster\my grokster\ftp cracker.exe
- from %TEMP%\cfjfd3e.tmp to %ProgramFiles%\icq\shared folder\microsoft visual basic keygen.exe
- from %TEMP%\cfjfdb8.tmp to %ProgramFiles%\grokster\my grokster\ut 2003 keygen.exe
- from %TEMP%\cfjfda7.tmp to %ProgramFiles%\grokster\my grokster\windows 2003 advanced server keygen.exe
- from %TEMP%\cfjfda6.tmp to %ProgramFiles%\icq\shared folder\divx 5.0 pro keygen.exe
- from %TEMP%\cfjfd95.tmp to %ProgramFiles%\icq\shared folder\counter-strike keygen.exe
- from %TEMP%\cfjfd85.tmp to %ProgramFiles%\icq\shared folder\ip nuker.exe
- from %TEMP%\cfjfd84.tmp to %ProgramFiles%\icq\shared folder\website hacker.exe
- from %TEMP%\cfjfd73.tmp to %ProgramFiles%\icq\shared folder\keylogger.exe
- from %TEMP%\cfjfdba.tmp to %ProgramFiles%\grokster\my grokster\password cracker.exe
- from %TEMP%\cfj8b0.tmp to %ProgramFiles%\winmx\shared\divx 5.0 pro keygen.exe
Miscellaneous
Searches for the following windows
- ClassName: '__oxFrame.class__' WindowName: ''
- ClassName: 'Chat View' WindowName: ''
- ClassName: 'IMWindowClass' WindowName: ''
- ClassName: 'TskMultiChatForm.UnicodeClass' WindowName: ''