Technical Information
- %TEMP%\aut1.tmp
- %CommonProgramFiles%\~zawjwoy.exe
- %APPDATA%\ByClick\YouTube By Click 2.2.81\install\decoder.dll
- %APPDATA%\ByClick\YouTube By Click 2.2.81\install\E2F0003\YouTube By Click.msi
- %TEMP%\Ins2.tmp
- <LS_APPDATA>\AdvinstAnalytics\59550033d447e724bb46b9d6\2.2.81\tracking.ini
- <LS_APPDATA>\AdvinstAnalytics\59550033d447e724bb46b9d6\2.2.81\{E85B4DD0-BDBF-4BF5-8F6B-065EE949B68A}.session
- %TEMP%\MSI3.tmp
- %TEMP%\MSI4.tmp
- %TEMP%\tin5.tmp.part
- %CommonProgramFiles%\~zawjwoy.exe
- %TEMP%\aut1.tmp
- %TEMP%\MSI3.tmp
- File moved (renamed): from %TEMP%\tin5.tmp.part to %TEMP%\tin5.tmp
- 'localhost':1039
- '74.##5.232.51':80
- HTTP request: http://www.google.com/ via 74.##5.232.51
- DNS query (ASK): www.google.com
- '%CommonProgramFiles%\~zawjwoy.exe' /quiet
- '<SYSTEM32>\msiexec.exe' /V
- '<SYSTEM32>\msiexec.exe' -Embedding 5F81D099DEE933177115C04DC1DBA9E9 C