Technical Information
- %TEMP%\xvid.exe
- %TEMP%\7za.exe
- %TEMP%\a.7z
- %TEMP%\nso2.tmp\execDos.dll
- %TEMP%\com.exe
- %TEMP%\fix.exe
- %TEMP%\for.exe
- %TEMP%\is-6UN2U.tmp\xvid.tmp
- %TEMP%\nso2.tmp\execDos.dll
- 'localhost':1039
- 'tr###.cmllk1.info':80
- http://tr###.cmllk1.info/aff_c?of##################################
- DNS query (ASK): tr###.cmllk1.info
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: 'VIO Player Setup'
- ClassName: '' WindowName: 'Form2'
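- '%TEMP%\7za.exe' x "%TEMP%\a.7z" -phYaLBErgoA -o"%TEMP%\" -aoa (7-Zip command line: extracts the password-protected archive a.7z into %TEMP%, overwriting existing files without prompting)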
- '%TEMP%\xvid.exe'
- '%TEMP%\com.exe'
- '%TEMP%\fix.exe'
- '%TEMP%\for.exe'
- '%TEMP%\is-6UN2U.tmp\xvid.tmp' /SL5="$10124,479575,145920,%TEMP%\xvid.exe"
- '<SYSTEM32>\reg.exe' ADD HKCU\Software\TR2 /v uni /t REG_SZ /d 1 (adds the string value uni = 1 under the current user's Software\TR2 registry key)