Technical Information
- [<HKLM>\SOFTWARE\Classes\.exe] '' = 'WMAFile'
- <SYSTEM32>\attrib.exe +r "keygen.exe"
- <SYSTEM32>\attrib.exe +h "keygen.exe"
- <SYSTEM32>\cmd.exe /c ""%TEMP%\1.tmp\keygen.bat""
- %WINDIR%\2304.4847
- <SYSTEM32>\1805.13470
- %WINDIR%\3865.4944
- <SYSTEM32>\18938.5237
- %WINDIR%\16703.9572
- <SYSTEM32>\19423.26717
- %WINDIR%\19788.4327
- <SYSTEM32>\23375.16668
- %WINDIR%\29338.24482
- <SYSTEM32>\21540.20459
- %WINDIR%\28096.15605
- <SYSTEM32>\170.24385
- %WINDIR%\22684.2120
- <SYSTEM32>\12891.29897
- %WINDIR%\11930.8709
- <SYSTEM32>\14490.26635
- %WINDIR%\23718.9837
- <SYSTEM32>\16197.23011
- %WINDIR%\17288.24396
- <SYSTEM32>\17214.24795
- %WINDIR%\20218.20714
- <SYSTEM32>\17059.12680
- %WINDIR%\28443.3314
- <SYSTEM32>\201.18914
- %WINDIR%\6828.5690
- <SYSTEM32>\29007.17743
- %WINDIR%\14754.7394
- <SYSTEM32>\16104.4147
- %WINDIR%\31241.15481
- <SYSTEM32>\1344.30551
- %WINDIR%\1476.3731
- <SYSTEM32>\16098.32621
- %WINDIR%\6023.60
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\600f5345.cash4files[1]
- %WINDIR%\26159.30416
- <SYSTEM32>\31902.13779
- %WINDIR%\5450.21713
- <SYSTEM32>\7866.7603
- %WINDIR%\1438.7490
- <SYSTEM32>\22793.5964
- %WINDIR%\23212.23874
- <SYSTEM32>\21877.14570
- %WINDIR%\3247.28707
- <SYSTEM32>\24047.28352
- %WINDIR%\4548.27975
- <SYSTEM32>\8789.19220
- %WINDIR%\23824.5796
- <SYSTEM32>\22985.22539
- %WINDIR%\16307.26535
- <SYSTEM32>\117.15291
- %WINDIR%\7492.6235
- <SYSTEM32>\6118.26500
- %WINDIR%\27612.11114
- <SYSTEM32>\24441.11570
- %WINDIR%\14623.3646
- <SYSTEM32>\23452.9985
- %WINDIR%\30128.2501
- <SYSTEM32>\1631.15284
- %WINDIR%\22844.19261
- <SYSTEM32>\21618.31219
- %WINDIR%\24722.15483
- <SYSTEM32>\31202.3323
- %WINDIR%\25725.27351
- <SYSTEM32>\23383.14062
- %WINDIR%\17055.8542
- <SYSTEM32>\10274.29055
- %TEMP%\1.tmp\keygen.bat
- <SYSTEM32>\21860.19099
- %WINDIR%\7644.31129
- <SYSTEM32>\15460.21036
- %WINDIR%\23168.11948
- <SYSTEM32>\19484.16802
- %WINDIR%\26714.1828
- <SYSTEM32>\27683.22210
- %WINDIR%\28927.24365
- <SYSTEM32>\3365.11074
- %WINDIR%\4403.22708
- <SYSTEM32>\10146.22074
- %WINDIR%\6104.15661
- <SYSTEM32>\16516.10793
- %WINDIR%\26926.29553
- <SYSTEM32>\3944.19814
- %WINDIR%\18616.3597
- <SYSTEM32>\21147.22525
- %WINDIR%\5434.24848
- <SYSTEM32>\26491.18723
- %WINDIR%\28001.27961
- <SYSTEM32>\20851.23623
- %WINDIR%\2089.1644
- <SYSTEM32>\31472.2601
- %WINDIR%\9765.1390
- <SYSTEM32>\19419.25298
- %WINDIR%\15719.20839
- <SYSTEM32>\25497.22047
- %WINDIR%\30684.19065
- <SYSTEM32>\4116.22178
- %WINDIR%\3528.5394
- <SYSTEM32>\23884.1591
- %WINDIR%\1234.15384
- <SYSTEM32>\24437.12930
- %TEMP%\1.tmp\keygen.bat
- '60#####5.cash4files.com':80
- 'localhost':1035
- 60#####5.cash4files.com/
- DNS ASK 60#####5.cash4files.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''