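Technical Information
The entries below are artifacts observed for this sample, in the report's own order: file-system paths, then HTTP requests and DNS lookups, a window class lookup, and finally the command lines that were executed. Most paths under `jre\` belong to a bundled Java runtime that is unpacked from `jre.tar.gz` by the `unpack200.exe` commands listed further down. The entries that stand out for triage are the files under `%PROGRAMDATA%\chrome\`, `%PROGRAMDATA%\deep.txt`, and the `Header` and `main` scheduled tasks created with `schtasks.exe`. The `e4j….tmp_dir…`, `nsz…`/`nsp…` and `hsperfdata_user\<pid>` names look generated per run, the account string on the `taskeng.exe` line presumably belongs to the analysis machine, and the `#` characters in URLs and host names appear to be masking. Match on the stable parts of a path rather than on full strings.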
- %WINDIR%\tasks\header.job
- <SYSTEM32>\tasks\header
- <SYSTEM32>\tasks\main
- %PROGRAMDATA%\chrome\bitoreen.exe
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\deploy\messages_es.properties
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\deploy\messages_fr.properties
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\deploy\messages_it.properties
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\deploy\messages_ja.properties
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\deploy\messages_ko.properties
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\deploy\messages_pt_br.properties
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\deploy\messages_sv.properties
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\deploy\messages_zh_cn.properties
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\deploy\messages_zh_hk.properties
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\deploy\messages_zh_tw.properties
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\deploy\splash.gif
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\deploy\splash@2x.gif
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\deploy\splash_11-lic.gif
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\deploy\splash_11@2x-lic.gif
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\ext\access-bridge-64.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\fonts\lucidabrightdemibold.ttf
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\ext\cldrdata.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\ext\dnsns.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\ext\jaccess.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\ext\localedata.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\ext\meta-index
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\ext\nashorn.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\ext\sunec.jar
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\ext\sunjce_provider.jar
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\ext\sunmscapi.jar
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\ext\sunpkcs11.jar
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\ext\zipfs.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\flavormap.properties
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\fontconfig.bfc
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\fontconfig.properties.src
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\deploy\messages_de.properties
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\deploy.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\deploy\messages.properties
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\verify.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\rmid.exe
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\rmiregistry.exe
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\server\jvm.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\server\xusage.txt
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\servertool.exe
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\splashscreen.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\ssv.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\ssvagent.exe
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\sunec.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\sunmscapi.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\t2k.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\tnameserv.exe
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\w2k_lsa_auth.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\currency.data
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\windowsaccessbridge-64.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\wsdetect.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\zip.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\accessibility.properties
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\amd64\jvm.cfg
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\calendars.properties
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\charsets.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\classlist
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\cmm\ciexyz.pf
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\cmm\gray.pf
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\cmm\linear_rgb.pf
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\cmm\pycc.pf
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\cmm\srgb.pf
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\content-types.properties
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\deploy\ffjcext.zip
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\jfr\profile.jfc
- %TEMP%\hsperfdata_user\1372
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\fonts\lucidabrightregular.ttf
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\security\cacerts
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\security\java.policy
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\security\java.security
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\security\javaws.policy
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\security\local_policy.jar
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\security\us_export_policy.jar
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\sound.properties
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\tzdb.dat
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\tzmappings
- %TEMP%\e4jc03.tmp_dir1582861190\jre\release
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\charsets.jar
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\deploy.jar
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\jfr.jar
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\jsse.jar
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\plugin.jar
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\fonts\lucidabrightitalic.ttf
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\resources.jar
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\rt.jar
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\ext\access-bridge-64.jar
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\ext\cldrdata.jar
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\ext\dnsns.jar
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\ext\jaccess.jar
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\ext\localedata.jar
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\ext\nashorn.jar
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\ext\zipfs.jar
- %TEMP%\hsperfdata_user\2220
- %PROGRAMDATA%\oracle\java\.oracle_jre_usage\bdbb1a458f1cef64.timestamp
- %TEMP%\e4jd85e.tmp
- %TEMP%\e4jc03.tmp_dir1582861190\user.jar
- %TEMP%\e4jc03.tmp_dir1582861190\user\vuze_custom.jar
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\security\blacklisted.certs
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\resource.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\security\blacklist
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\jfr\default.jfc
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\fonts\lucidasansdemibold.ttf
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\fonts\lucidasansregular.ttf
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\fonts\lucidatypewriterbold.ttf
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\fonts\lucidatypewriterregular.ttf
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\hijrah-config-umalqura.properties
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\images\cursors\cursors.properties
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\images\cursors\invalid32x32.gif
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\images\cursors\win32_copydrop32x32.gif
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\images\cursors\win32_copynodrop32x32.gif
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\images\cursors\win32_linkdrop32x32.gif
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\images\cursors\win32_linknodrop32x32.gif
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\images\cursors\win32_movedrop32x32.gif
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\images\cursors\win32_movenodrop32x32.gif
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\jce.jar
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\fonts\lucidabrightdemiitalic.ttf
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\resources.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\jfr.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\jsse.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\jvm.hprof.txt
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\logging.properties
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\management\jmxremote.access
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\management\jmxremote.password.template
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\management\management.properties
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\management\snmp.acl.template
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\management-agent.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\meta-index
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\net.properties
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\plugin.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\psfont.properties.ja
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\psfontj2d.properties
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\rt.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\management-agent.jar
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\policytool.exe
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\jsound.dll
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_24_5p83tu.utf8
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_12_5p83tu.properties
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_25_5p83tu.properties
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_18_5p83tu.properties
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_38_5p83tu_1jaybna.png
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_2_5p83tu.utf8
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_36_5p83tu_141ij3m.png
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_4_5p83tu.utf8
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_11_5p83tu.properties
- %TEMP%\e4jc03.tmp_dir1582861190\messagesdefault
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_16_5p83tu.properties
- %TEMP%\e4jc03.tmp_dir1582861190\user.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\stats.properties
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_32_5p83tu.txt
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_20_5p83tu.properties
- %TEMP%\e4jc03.tmp_dir1582861190\user\avast_mac_en_1.jpg
- %TEMP%\e4jc03.tmp_dir1582861190\installer.ico
- %TEMP%\e4jc03.tmp_dir1582861190\user\ya_distr_171x255.png
- %TEMP%\e4jc03.tmp_dir1582861190\user\avast_nl.jpg
- %TEMP%\e4jc03.tmp_dir1582861190\user\avast_de.jpg
- %TEMP%\e4jc03.tmp_dir1582861190\user\avast_br.jpg
- %TEMP%\e4jc03.tmp_dir1582861190\user\avg_en_01.png
- %TEMP%\e4jc03.tmp_dir1582861190\user\avast_mac_en_a3.jpg
- %TEMP%\e4jc03.tmp_dir1582861190\user\vmdetector
- %TEMP%\e4jc03.tmp_dir1582861190\user\avg_en_03.png
- %TEMP%\e4jc03.tmp_dir1582861190\user\avast_mac_en_a.jpg
- %TEMP%\e4jc03.tmp_dir1582861190\user\avast_en.jpg
- %TEMP%\e4jc03.tmp_dir1582861190\user\avast_jp.jpg
- %TEMP%\e4jc03.tmp_dir1582861190\user\avast_se.jpg
- %TEMP%\e4jc03.tmp_dir1582861190\user\avg_en_03b.png
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_22_5p83tu.utf8
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_0_5p83tu.utf8
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_37_5p83tu_bm8amj.ico
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_19_5p83tu.utf8
- %PROGRAMDATA%\chrome\goopdate.dll
- %PROGRAMDATA%\chrome\vvss3333.xml
- %PROGRAMDATA%\chrome\mybundle.exe
- %PROGRAMDATA%\deep.txt
- %TEMP%\nszf446.tmp
- %TEMP%\nspf457.tmp\system.dll
- %TEMP%\nspf457.tmp\inetc.dll
- %TEMP%\vuzeinstall\vuzeinstaller.exe
- %TEMP%\i4j_nlog_1.log
- %TEMP%\e4jc03.tmp_dir1582861190\i4jruntime.jar
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_13_5p83tu.utf8
- %TEMP%\e4jc03.tmp_dir1582861190\i4jparams.conf
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_15_5p83tu.utf8
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_1_5p83tu.properties
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_26_5p83tu_12q8bqh.png
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_35_5p83tu.txt
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_7_5p83tu.properties
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_29_5p83tu_1rv17he.png
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_33_5p83tu.txt
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_17_5p83tu.utf8
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_14_5p83tu.properties
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_8_5p83tu.utf8
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_27_5p83tu_1a89bbn.png
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_3_5p83tu.properties
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_6_5p83tu.utf8
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_30_5p83tu_1uj26g4.png
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_23_5p83tu.properties
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_28_5p83tu_x2womb.png
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_34_5p83tu_10qu06u.png
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_9_5p83tu.properties
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_31_5p83tu.txt
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\bci.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\orbd.exe
- %TEMP%\e4jc03.tmp_dir1582861190\user\avg_en_02.png
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\javaw.exe
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\java_crw_demo.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\jawt.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\jawtaccessbridge-64.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\jdwp.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\jfr.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\jjs.exe
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\jli.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\jp2iexp.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\jp2launcher.exe
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\jp2native.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\jp2ssv.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\jpeg.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\jsdt.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\jsoundds.dll
- %TEMP%\e4jc03.tmp_dir1582861190\user\cocoawindowcentercoordinates
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\kcms.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\keytool.exe
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\kinit.exe
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\klist.exe
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\ktab.exe
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\lcms.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\management.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\mlib_image.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\msvcp120.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\msvcr100.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\msvcr120.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\net.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\nio.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\npt.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\javacpl.exe
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\pack200.exe
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\javacpl.cpl
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\awt.dll
- %TEMP%\e4jc03.tmp_dir1582861190\user\avast_mac_en_b.jpg
- %TEMP%\e4jc03.tmp_dir1582861190\user\avast_es.jpg
- %TEMP%\e4jc03.tmp_dir1582861190\user\avast_hi.jpg
- %TEMP%\e4jc03.tmp_dir1582861190\user\avast_fr.jpg
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_5_5p83tu.properties
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_10_5p83tu.utf8
- %TEMP%\e4jc03.tmp_dir1582861190\i4j_extf_21_5p83tu.utf8
- %TEMP%\e4je46.tmp
- %TEMP%\e4jc03.tmp_dir1582861190\jre.tar.gz
- %TEMP%\e4jc03.tmp_dir1582861190\jre\copyright
- %TEMP%\e4jc03.tmp_dir1582861190\jre\license
- %TEMP%\e4jc03.tmp_dir1582861190\jre\readme.txt
- %TEMP%\e4jc03.tmp_dir1582861190\jre\thirdpartylicensereadme.txt
- %TEMP%\e4jc03.tmp_dir1582861190\jre\welcome.html
- %TEMP%\e4jc03.tmp_dir1582861190\user\vuze_custom.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\java.exe
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\dcpr.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\deploy.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\dt_shmem.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\dt_socket.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\eula.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\fontmanager.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\hprof.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\instrument.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\j2pcsc.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\j2pkcs11.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\jaas_nt.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\jabswitch.exe
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\java-rmi.exe
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\java.dll
- %TEMP%\e4jc03.tmp_dir1582861190\jre\bin\javaaccessbridge-64.dll
- %TEMP%\i4j_log_vuze_1618332661950498004.log
- %PROGRAMDATA%\chrome\goopdate.dll
- %PROGRAMDATA%\chrome\vvss3333.xml
- %PROGRAMDATA%\chrome\mybundle.exe
- %PROGRAMDATA%\deep.txt
- %TEMP%\e4je46.tmp
- %TEMP%\e4jd85e.tmp
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\ext\zipfs.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\ext\nashorn.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\ext\localedata.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\ext\jaccess.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\ext\dnsns.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\ext\cldrdata.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\ext\access-bridge-64.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\rt.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\resources.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\plugin.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\management-agent.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\jsse.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\jfr.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\deploy.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre\lib\charsets.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\jre.tar.gz
- %TEMP%\e4jc03.tmp_dir1582861190\user.jar.pack
- %TEMP%\e4jc03.tmp_dir1582861190\user\vuze_custom.jar.pack
- http://cf#.#uze.com/files/Vuze_Installer64.exe
- http://cf#.#uze.com/files/windows-amd64-jre8.tar.gz
- http://www.vu##.com/install/getpartner.php?fo#########
- DNS ASK cf#.#uze.com
- DNS ASK ki###torrent.ru
- DNS ASK YA##O.Com
- DNS ASK mt##.##0.yahoodns.net
- DNS ASK vu##.com
- ClassName: '#32770' WindowName: '' (`#32770` is the standard Windows dialog-box window class; no window title was specified)
- '%PROGRAMDATA%\chrome\bitoreen.exe'
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\ext\jaccess.jar.pack" "jre\lib\ext\jaccess.jar"
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\ext\cldrdata.jar.pack" "jre\lib\ext\cldrdata.jar"
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\ext\dnsns.jar.pack" "jre\lib\ext\dnsns.jar"
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "%TEMP%\e4jC03.tmp_dir1582861190\user.jar.pack" "%TEMP%\e4jC03.tmp_dir1582861190\user.jar"
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\ext\localedata.jar.pack" "jre\lib\ext\localedata.jar"
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\ext\zipfs.jar.pack" "jre\lib\ext\zipfs.jar"
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "%TEMP%\e4jC03.tmp_dir1582861190\user\vuze_custom.jar.pack" "%TEMP%\e4jC03.tmp_dir1582861190\user\vuze_custom.jar"
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\ext\access-bridge-64.jar.pack" "jre\lib\ext\access-bridge-64.jar"
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\jsse.jar.pack" "jre\lib\jsse.jar"
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\ext\nashorn.jar.pack" "jre\lib\ext\nashorn.jar"
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\plugin.jar.pack" "jre\lib\plugin.jar"
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\resources.jar.pack" "jre\lib\resources.jar"
- '%PROGRAMDATA%\chrome\mybundle.exe'
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\deploy.jar.pack" "jre\lib\deploy.jar"
- '%TEMP%\vuzeinstall\vuzeinstaller.exe'
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\charsets.jar.pack" "jre\lib\charsets.jar"
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\rt.jar.pack" "jre\lib\rt.jar"
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\management-agent.jar.pack" "jre\lib\management-agent.jar"
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\jfr.jar.pack" "jre\lib\jfr.jar"
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\ext\jaccess.jar.pack" "jre\lib\ext\jaccess.jar"' (with hidden window)
- '%PROGRAMDATA%\chrome\mybundle.exe' ' (with hidden window)
- '%PROGRAMDATA%\chrome\bitoreen.exe' ' (with hidden window)
- '%TEMP%\e4jc03~1.tmp\jre\bin\java.exe' -version' (with hidden window)
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\ext\zipfs.jar.pack" "jre\lib\ext\zipfs.jar"' (with hidden window)
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\ext\nashorn.jar.pack" "jre\lib\ext\nashorn.jar"' (with hidden window)
- '%ProgramFiles%\Java\jre1.8.0_45\bin\java.exe' -version' (with hidden window)
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\ext\localedata.jar.pack" "jre\lib\ext\localedata.jar"' (with hidden window)
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\ext\dnsns.jar.pack" "jre\lib\ext\dnsns.jar"' (with hidden window)
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\charsets.jar.pack" "jre\lib\charsets.jar"' (with hidden window)
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\ext\cldrdata.jar.pack" "jre\lib\ext\cldrdata.jar"' (with hidden window)
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\ext\access-bridge-64.jar.pack" "jre\lib\ext\access-bridge-64.jar"' (with hidden window)
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\rt.jar.pack" "jre\lib\rt.jar"' (with hidden window)
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\deploy.jar.pack" "jre\lib\deploy.jar"' (with hidden window)
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\resources.jar.pack" "jre\lib\resources.jar"' (with hidden window)
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\plugin.jar.pack" "jre\lib\plugin.jar"' (with hidden window)
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\jfr.jar.pack" "jre\lib\jfr.jar"' (with hidden window)
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\management-agent.jar.pack" "jre\lib\management-agent.jar"' (with hidden window)
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "jre\lib\jsse.jar.pack" "jre\lib\jsse.jar"' (with hidden window)
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "%TEMP%\e4jC03.tmp_dir1582861190\user.jar.pack" "%TEMP%\e4jC03.tmp_dir1582861190\user.jar"' (with hidden window)
- '%TEMP%\e4jc03.tmp_dir1582861190\jre\bin\unpack200.exe' "%TEMP%\e4jC03.tmp_dir1582861190\user\vuze_custom.jar.pack" "%TEMP%\e4jC03.tmp_dir1582861190\user\vuze_custom.jar"' (with hidden window)
- '%WINDIR%\syswow64\schtasks.exe' /create /tn Header /XML %PROGRAMDATA%\Chrome\vvss3333.xml
- '%WINDIR%\syswow64\schtasks.exe' /create /tn main /tr %PROGRAMDATA%\Chrome\bitoreen.exe /SC ONCE /ST 00:00
- '%WINDIR%\syswow64\schtasks.exe' /run /tn main
- '<SYSTEM32>\taskeng.exe' {D4589365-B3E5-4D0E-9FCC-961E79A82F97} S-1-5-21-1960123792-2022915161-3775307078-1001:xcmarwwtgxau\user:Interactive:[1]
- '%ProgramFiles%\Java\jre1.8.0_45\bin\java.exe' -version
- '<SYSTEM32>\icacls.exe' %PROGRAMDATA%\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
- '<SYSTEM32>\icacls.exe' %PROGRAMDATA%\Oracle\Java\.oracle_jre_usage\bdbb1a458f1cef64.timestamp /grant "everyone":(OI)(CI)M
- '<SYSTEM32>\wbem\wmic.exe' process where (name="pia_manager.exe") get processid
- '<SYSTEM32>\wbem\wmic.exe' process where (name="mullvad.exe") get processid
- '<SYSTEM32>\wbem\wmic.exe' process where (name="openvpn.exe") get processid