Technical Information
- %WINDIR%\tasks\31b64354-0289-4737-8508-465d7600a206-10_user.job
- <SYSTEM32>\tasks\temp_31b64354-0289-4737-8508-465d7600a206-6
- %WINDIR%\tasks\temp_31b64354-0289-4737-8508-465d7600a206-6.job
- <SYSTEM32>\tasks\31b64354-0289-4737-8508-465d7600a206-6
- %WINDIR%\tasks\31b64354-0289-4737-8508-465d7600a206-6.job
- <SYSTEM32>\tasks\31b64354-0289-4737-8508-465d7600a206-7
- %WINDIR%\tasks\31b64354-0289-4737-8508-465d7600a206-7.job
- <SYSTEM32>\tasks\31b64354-0289-4737-8508-465d7600a206-11
- %WINDIR%\tasks\31b64354-0289-4737-8508-465d7600a206-11.job
- <SYSTEM32>\tasks\frgce
- %WINDIR%\tasks\frgce.job
- <SYSTEM32>\tasks\globalupdateupdatetaskmachineua
- %WINDIR%\tasks\globalupdateupdatetaskmachineua.job
- <SYSTEM32>\tasks\globalupdateupdatetaskmachinecore
- %WINDIR%\tasks\globalupdateupdatetaskmachinecore.job
- <SYSTEM32>\tasks\31b64354-0289-4737-8508-465d7600a206-3
- %WINDIR%\tasks\31b64354-0289-4737-8508-465d7600a206-3.job
- <SYSTEM32>\tasks\31b64354-0289-4737-8508-465d7600a206-10_user
- %WINDIR%\tasks\31b64354-0289-4737-8508-465d7600a206-4.job
- <SYSTEM32>\tasks\31b64354-0289-4737-8508-465d7600a206-4
- [<HKLM>\System\CurrentControlSet\Services\globalUpdate] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\globalUpdate] 'ImagePath' = '%ProgramFiles(x86)%\globalUpdate\Update\GoogleUpdate.exe /svc'
- [<HKLM>\System\CurrentControlSet\Services\globalUpdatem] 'ImagePath' = '%ProgramFiles(x86)%\globalUpdate\Update\GoogleUpdate.exe /medsvc'
- 'globalUpdate' %ProgramFiles(x86)%\globalUpdate\Update\GoogleUpdate.exe /svc
- 'globalUpdatem' %ProgramFiles(x86)%\globalUpdate\Update\GoogleUpdate.exe /medsvc
- firefox.exe
- %TEMP%\nsr7d1c.tmp
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\19.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\195.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\119.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\7.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\345.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\234.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\391.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\9.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\4.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\281.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\242.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\390.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\91.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\93.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\231.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\288.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\14.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\264.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\184.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\223.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\178.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\64.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\97.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\220.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\262.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\246.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\334.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\375.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\289.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\380.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\260.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\263.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\221.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\376.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\252.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\80.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\354.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\b2ef6bad8845a4334cda46184cfc6cdc.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\api\de6f0c7e04fd3e7c28de6bbf0e9bf3ba.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\api\fa5d3593c512404d9638911e50ffa063.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\api\fbb0c604a13ed87c4c08f551fa23248a.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\api\99098748a7ca367b4fbcfbbd5e88ed51.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\api\pageaction.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\background.html
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\popup.html
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\chromecorefilesindex.txt
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\6296dbaad7dcc4e884a59c15354a8a2a.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\a9f45d10116f90c94835cb39fb7b18db.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\37917f710424a27695d3cb093575a0fa.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\afca11e33c3b157bd08a56654d066227.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\0f22610701f7ea8ba3e5c517007298b0.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\6af53c31094d17703a7bfb3d0d1abd88.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\icons\icon48.png
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\179.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\200.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\api\03472d7886c5b679bc3016a683c9edd9.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\389.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\253.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\385.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\273.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\335.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\180.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\339.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\232.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\manifest.xml
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins.json
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\manifest.json
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\icons\icon128.png
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\icons\icon16.png
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\icons\actions\1.png
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\123.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\9.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\102.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\385.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\380.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\376.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\375.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\357.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\354.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\389.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\391.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\349.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\339.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\335.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\334.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\289.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\288.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\348.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\345.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\78.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\4.js
- %ProgramFiles(x86)%\241f9d55-d7cb-45d5-95f2-d0ecca79be98\949ed11e-c5fa-43bb-956b-2170ce22f42f.dll
- %ProgramFiles(x86)%\cinema video pro 2.1v03.04\6792387f-3720-45e5-897b-fbaf1ef1bea1.dll
- %ProgramFiles(x86)%\cinema video pro 2.1v03.04\31b64354-0289-4737-8508-465d7600a206-64.exe
- %ProgramFiles(x86)%\cinema video pro 2.1v03.04\31b64354-0289-4737-8508-465d7600a206-7.exe
- %ProgramFiles(x86)%\cinema video pro 2.1v03.04\90c7ab0f-2387-4e1e-a713-6d01c7cdf1f8.dll
- %ProgramFiles(x86)%\241f9d55-d7cb-45d5-95f2-d0ecca79be98\ed68a134-5a7d-4731-81d2-6c3dbc6a74f9.dll
- %ProgramFiles(x86)%\cinema video pro 2.1v03.04\135d551f-fb98-4b21-bb85-6d0b2563007f.dll
- %ProgramFiles(x86)%\cinema video pro 2.1v03.04\31b64354-0289-4737-8508-465d7600a206-6.exe
- %TEMP%\nsm7d9a.tmp\31b64354-0289-4737-8508-465d7600a206-7.dll
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\usercode\extension.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\usercode\background.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\93.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\91.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\78.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\281.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\280.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\390.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\277.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\273.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\178.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\settings.json
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\123.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\102.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins.json
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\manifest.xml
- %ProgramFiles(x86)%\cinema video pro 2.1v03.04\bgnova.html
- %TEMP%\nsm7d9a.tmp\31b64354-0289-4737-8508-465d7600a206-11.dll
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\usercode\background.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\8a2a6a2c23e2d6c8b0210d3a3a5a12f0.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\usercode\extension.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\13.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\356.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\47.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\17.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\179.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\180.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\28ec8b8833adac27941f1ff3ea804d5c.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\200.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\184.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\14.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\263.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\262.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\260.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\253.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\252.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\251.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\250.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\249.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\246.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\242.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\234.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\232.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\231.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\223.js
- %TEMP%\nsm7d9a.tmp\{10081d9f-1e58-4a5e-8f0f-34cb5a4f9f80}\plugins\264.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\installer.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\b7a62d08ec885bc265b9503cc62fa26d.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\1ec7fb26cd5bb2d2628a9b22463991dd.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\6296dbaad7dcc4e884a59c15354a8a2a.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\api\99098748a7ca367b4fbcfbbd5e88ed51.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\api\pageaction.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\b2ef6bad8845a4334cda46184cfc6cdc.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\28ec8b8833adac27941f1ff3ea804d5c.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\6af53c31094d17703a7bfb3d0d1abd88.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\api\03472d7886c5b679bc3016a683c9edd9.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\api\fa5d3593c512404d9638911e50ffa063.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\api\de6f0c7e04fd3e7c28de6bbf0e9bf3ba.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\afca11e33c3b157bd08a56654d066227.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\0f22610701f7ea8ba3e5c517007298b0.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\8a2a6a2c23e2d6c8b0210d3a3a5a12f0.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\installer.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\b7a62d08ec885bc265b9503cc62fa26d.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\37917f710424a27695d3cb093575a0fa.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\popup.html
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\385.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\1ec7fb26cd5bb2d2628a9b22463991dd.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\app_api.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\273.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\335.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\180.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\339.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\232.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\manifest.xml
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins.json
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\manifest.json
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\icons\icon128.png
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\icons\icon16.png
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\icons\actions\1.png
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\icons\icon48.png
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\background.html
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\chromecorefilesindex.txt
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\a9f45d10116f90c94835cb39fb7b18db.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\6d3e948315e96612224959780ff0f3bc.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\9f02abdf8480d8aa2e1e52a79f2e393f.js
- %TEMP%\comh.426064\googleupdateondemand.exe
- %ProgramFiles(x86)%\cinema video pro 2.1v03.04\utils.exe
- %TEMP%\comh.426064\googlecrashhandler.exe
- %ProgramFiles(x86)%\cinema video pro 2.1v03.04\31b64354-0289-4737-8508-465d7600a206-10.exe
- %ProgramFiles(x86)%\cinema video pro 2.1v03.04\uninstallbrw.exe
- %ProgramFiles(x86)%\cinema video pro 2.1v03.04\uninstall.exe
- %TEMP%\nsm7d9a.tmp\17864
- %TEMP%\nsm7d9a.tmp\340216
- %TEMP%\nsm7d9a.tmp\md5dll.dll
- %TEMP%\comh.426064\googleupdatebroker.exe
- %TEMP%\nsm7d9a.tmp\nsisos.dll
- %TEMP%\nsm7d9a.tmp\userinfo.dll
- %TEMP%\nsm7d9a.tmp\installerutils2.dll
- %TEMP%\nsm7d9a.tmp\installerutils.dll
- %TEMP%\nsm7d9a.tmp\system.dll
- %TEMP%\nsm7d9a.tmp\stdutils.dll
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\253.js
- %ProgramFiles(x86)%\cinema video pro 2.1v03.04\31b64354-0289-4737-8508-465d7600a206.xpi
- %TEMP%\comh.426064\googleupdatehelper.msi
- %TEMP%\comh.426064\goopdateres_en.dll
- %TEMP%\comh.426064\googleupdate.exe
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\817ecded5ac5ff6eefc3ef55df43e24a.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\popupresource\newpopup.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\popupresource\popup.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\53398d261da4c2e04d8ee573e6615873.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\main.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\ae0b4fbd7f39881008142551a2c025cf.js
- %TEMP%\nsm7d9a.tmp\execdos.dll
- %ProgramFiles(x86)%\cinema video pro 2.1v03.04\31b64354-0289-4737-8508-465d7600a206-3.exe
- %ProgramFiles(x86)%\cinema video pro 2.1v03.04\135d551f-fb98-4b21-bb85-6d0b2563007f.crx
- %ProgramFiles(x86)%\globalupdate\update\1.3.25.0\goopdate.dll
- %ProgramFiles(x86)%\globalupdate\update\1.3.25.0\googleupdate.exe
- %TEMP%\comh.426064\psuser.dll
- %TEMP%\comh.426064\psmachine.dll
- %TEMP%\comh.426064\npgoogleupdate4.dll
- %TEMP%\comh.426064\goopdate.dll
- %ProgramFiles(x86)%\cinema video pro 2.1v03.04\241f9d55-d7cb-45d5-95f2-d0ecca79be98.dll
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\389.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\200.js
- %ProgramFiles(x86)%\globalupdate\update\1.3.25.0\npgoogleupdate4.dll
- %ProgramFiles(x86)%\globalupdate\update\1.3.25.0\psmachine.dll
- %ProgramFiles(x86)%\globalupdate\update\1.3.25.0\psuser.dll
- %ProgramFiles(x86)%\globalupdate\update\1.3.25.0\googleupdatehelper.msi
- %ProgramFiles(x86)%\globalupdate\update\1.3.25.0\goopdateres_en.dll
- %ProgramFiles(x86)%\globalupdate\update\1.3.25.0\googlecrashhandler.exe
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\api\fbb0c604a13ed87c4c08f551fa23248a.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\settings.json
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\usercode\background.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\13.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\356.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\47.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\17.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\78.js
- %ProgramFiles(x86)%\globalupdate\update\googleupdate.exe
- %ProgramFiles(x86)%\globalupdate\update\1.3.25.0\googleupdatebroker.exe
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\6d3e948315e96612224959780ff0f3bc.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\288.js
- %ProgramFiles(x86)%\globalupdate\update\1.3.25.0\googleupdateondemand.exe
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\app_api.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\9f02abdf8480d8aa2e1e52a79f2e393f.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\817ecded5ac5ff6eefc3ef55df43e24a.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\popupresource\newpopup.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\popupresource\popup.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\lib\53398d261da4c2e04d8ee573e6615873.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\main.js
- %APPDATA%\opera software\opera stable\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\js\ae0b4fbd7f39881008142551a2c025cf.js
- %ProgramFiles(x86)%\cinema video pro 2.1v03.04\31b64354-0289-4737-8508-465d7600a206-11.exe
- %ProgramFiles(x86)%\cinema video pro 2.1v03.04\31b64354-0289-4737-8508-465d7600a206.crx
- %APPDATA%\frgce
- %APPDATA%\frgce.exe
- %TEMP%\nsm7d9a.tmp\31b64354-0289-4737-8508-465d7600a206-3.dll
- %TEMP%\msi13784.log
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\102.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\usercode\extension.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\80.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\264.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\179.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\281.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\7.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\345.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\234.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\231.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\376.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\4.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\242.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\195.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\390.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\91.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\93.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\221.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\123.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\19.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\354.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\391.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\252.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\184.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\119.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\223.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\178.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\64.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\97.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\220.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\262.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\246.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\334.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\375.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\289.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\380.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\260.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\263.js
- %LOCALAPPDATA%\google\chrome\user data\default\extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.26_0\extensiondata\plugins\14.js
- %ProgramFiles(x86)%\cinema video pro 2.1v03.04\31b64354-0289-4737-8508-465d7600a206-4.exe
- %TEMP%\nsm7d9a.tmp\17864
- %WINDIR%\tasks\temp_31b64354-0289-4737-8508-465d7600a206-6.job
- <SYSTEM32>\tasks\temp_31b64354-0289-4737-8508-465d7600a206-6
- from %ProgramFiles(x86)%\cinema video pro 2.1v03.04\135d551f-fb98-4b21-bb85-6d0b2563007f.dll to %ProgramFiles(x86)%\cinema video pro 2.1v03.04\135d551f-fb98-4b21-bb85-6d0b2563007f.dll
- %TEMP%\nsm7d9a.tmp\17864
- %LOCALAPPDATA%\Google\Chrome\User Data\Default\Cookies-journal
- %APPDATA%\Opera Software\Opera Stable\Cookies-journal
- http://er####.##aticclientstorage.com/utility.gif?re##########################################################################
- http://js.#####cclientstorage.com/plugin/apps/72893/manifest/1_36_01_22/nova/manifest.xml?ve#############
- http://er####.##aticclientstorage.com/utility.gif?re#################################################################################
- http://up####.##aticclientstorage.com/omaha/7F442311-045E-4D30-B7DD-62681BC52771/1/ping.xml?ra########
- http://lo##.####icclientstorage.com/monetization.gif?ra##########################################################################################################################################...
- http://up####.##aticclientstorage.com/omaha/7F442311-045E-4D30-B7DD-62681BC52771/1/update.xml?ra########
- http://up####.##aticclientstorage.com/omaha/7F442311-045E-4D30-B7DD-62681BC52771/1/update.xml?ra#################################################################################################...
- http://up####.##aticclientstorage.com/omaha/430FD4D0-B729-4F61-AA34-91526481799D/1/ping.xml?ra########
- http://er####.##aticclientstorage.com/ch-agent-error.gif?ac######################################################################################################################################...
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- http://er####.##aticclientstorage.com/utility.gif?re###############################################################################
- http://er####.##aticclientstorage.com/utility.gif?re##################################################################################
- http://er####.##aticclientstorage.com/utility.gif?re#########################################################################################
- http://er####.##aticclientstorage.com/utility.gif?re#####################################################################################
- http://er####.##aticclientstorage.com/utility.gif?re############################################################################
- http://er####.##aticclientstorage.com/utility.gif?re########################################################################
- http://lo##.####icclientstorage.com/monetization.gif?ev##########################################################################################################################################...
- http://er####.##aticclientstorage.com/installer-error.gif?ac#####################################################################################################################################...
- http://st###.###ticclientstorage.com/installer.gif?ac############################################################################################################################################...
- http://ip###api.com/
- http://st###.###ticclientstorage.com/stats.gif?ac################################################################################################################################################...
- http://st###.###ticclientstorage.com/apps.gif?ac#################################################################################################################################################...
- DNS ASK er####.##aticclientstorage.com
- DNS ASK ip###api.com
- DNS ASK st###.###ticclientstorage.com
- DNS ASK lo##.####icclientstorage.com
- DNS ASK go###eapis.com
- DNS ASK microsoft.com
- DNS ASK up####.##aticclientstorage.com
- DNS ASK js.#####cclientstorage.com
- '%TEMP%\comh.426064\googleupdate.exe' /silent /install "appguid={7f442311-045e-4d30-b7dd-62681bc52771}&appname=3e08f048-a553-42f0-8660-e6abbd8ba2a6&needsadmin=True&lang=en"
- '%ProgramFiles(x86)%\globalupdate\update\googleupdate.exe' /svc
- '%ProgramFiles(x86)%\cinema video pro 2.1v03.04\31b64354-0289-4737-8508-465d7600a206-6.exe' /rawdata=sKQ90iSgAO6p4ROD1lsUTBtISYG83/ISRD2ltTSgP4q40HjWHRynL8nsM260LbIBqEzztl4xAhDmzD8kGWVSuXxRyQY9lWCxLdFFGCuHRYVjoa/lHFVf/4hgb829ikTJOeshUZrFfRf2Jg2QDlIexOI1Db/BTGePFFoDFb5O8RIz+E3h4iAj9zV5...
- '%ProgramFiles(x86)%\cinema video pro 2.1v03.04\31b64354-0289-4737-8508-465d7600a206-7.exe' /rawdata=eogNfbTqdGpAsQdGkpLZk1WeT/2tvdAOSf37/FU8YLp4XMmV4oFpDjB3HR+14yLRRZsHhlVleM25KMMjm+/UDv96fUadEkfntmajYuHPI/BC2nR8gI6BIh6691WgUda6M1L0WtwKZxiwB/Uu4S8Ofve0A4pbjNsQBOCDb4TrFvVK6QJ2uQFCjy/F...
- '%ProgramFiles(x86)%\cinema video pro 2.1v03.04\31b64354-0289-4737-8508-465d7600a206-4.exe' /rawdata=s0apcmmQS6JRegSvBKxPhnQE+eT7zAID1jZOdWpIVQOMm1PeyYoZ0IyedGFs6Ccnw/64eYMAIMbQpP1/yF0cZVH95z58oXdV3wz2/WUT9yCGfdzXMkRohteVeDgTVBkzF+p/trbO1pusUMBiW5oWtOYh3+dfC/kFJVdNfOgeK6mHmkAbwhphHk7n...
- '%ProgramFiles(x86)%\globalupdate\update\googleupdate.exe' /regserver
- '%ProgramFiles(x86)%\cinema video pro 2.1v03.04\31b64354-0289-4737-8508-465d7600a206-7.exe' /rawdata=hT4gmllJ+vk0kcUwEbldbGQKAX+vNO9TPIU1fmgDra2NyCTR94bK5e3ON17keAqR1ehMKYufQcV81cZ52E1Og0f+Xjv8x/bhKGymlEzPLQncNbGVLkIo6eHpnQbl9K/2umkdMZYTR6afYYixS4APdsdbrNxzSIUI3frT1WxnGjpU6CFBfmJYScuD...
- '%ProgramFiles(x86)%\globalupdate\update\googleupdate.exe' /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB2ZXJzaW9uPSIxLjMuMjUuMCIgaXNtYWNoaW5lPSIxIiBzZXNzaW9uaWQ9IntCQzBCOEU1NS01MjI3LTQ4REEtOEVDNy1DMEQxMzNDODg...
- '%ProgramFiles(x86)%\globalupdate\update\googleupdate.exe' /regsvc
- '%ProgramFiles(x86)%\cinema video pro 2.1v03.04\31b64354-0289-4737-8508-465d7600a206-3.exe' /rawdata=Sd8P/swldY587ugB3AulEx/LgaBMQLXmksEgGmf08VwhbAgtzy0fwi+LkwQVHmqPT5u/MhsF1pCWxjlhUQHU8qScg5zkEY6G9VxmpT+5TByHYkTZQk2qiixLVydjoztWeo42eZEgKvSQAR2k25sWRR5NFzdA31IJMw0Ct9KZINRLEorUjfexHoZA...
- '%ProgramFiles(x86)%\globalupdate\update\googleupdate.exe' /handoff "appguid={7f442311-045e-4d30-b7dd-62681bc52771}&appname=3e08f048-a553-42f0-8660-e6abbd8ba2a6&needsadmin=True&lang=en" /installsource otherinstallcmd /sessionid "{BC0B8E55-5227-48DA-8EC...
- '%ProgramFiles(x86)%\cinema video pro 2.1v03.04\31b64354-0289-4737-8508-465d7600a206-11.exe' /rawdata=QG6iGWRUbk0XoR20b8ONNINs4jQy/63k9rrPusY9Y+7ni0+16Z74hsJR/ayOdGxV3G7cPmkQoRGA9mWOWuMjwc3xs69gWSP6Zl2z4ahCS+zoH0haC3vQKQpTJijjftcpqfGGt396QeL4GLCyFK7AF041bpuAiGqIFh6JVTzHwfgQUdMbeGtQzKrh...
- '%ProgramFiles(x86)%\cinema video pro 2.1v03.04\31b64354-0289-4737-8508-465d7600a206-7.exe' /rawdata=eogNfbTqdGpAsQdGkpLZk1WeT/2tvdAOSf37/FU8YLp4XMmV4oFpDjB3HR+14yLRRZsHhlVleM25KMMjm+/UDv96fUadEkfntmajYuHPI/BC2nR8gI6BIh6691WgUda6M1L0WtwKZxiwB/Uu4S8Ofve0A4pbjNsQBOCDb4TrFvVK6QJ2uQFCjy/F...' (with hidden window)
- '%ProgramFiles(x86)%\cinema video pro 2.1v03.04\31b64354-0289-4737-8508-465d7600a206-6.exe' /rawdata=sKQ90iSgAO6p4ROD1lsUTBtISYG83/ISRD2ltTSgP4q40HjWHRynL8nsM260LbIBqEzztl4xAhDmzD8kGWVSuXxRyQY9lWCxLdFFGCuHRYVjoa/lHFVf/4hgb829ikTJOeshUZrFfRf2Jg2QDlIexOI1Db/BTGePFFoDFb5O8RIz+E3h4iAj9zV5...' (with hidden window)
- '%ProgramFiles(x86)%\cinema video pro 2.1v03.04\31b64354-0289-4737-8508-465d7600a206-11.exe' /rawdata=QG6iGWRUbk0XoR20b8ONNINs4jQy/63k9rrPusY9Y+7ni0+16Z74hsJR/ayOdGxV3G7cPmkQoRGA9mWOWuMjwc3xs69gWSP6Zl2z4ahCS+zoH0haC3vQKQpTJijjftcpqfGGt396QeL4GLCyFK7AF041bpuAiGqIFh6JVTzHwfgQUdMbeGtQzKrh...' (with hidden window)
- '%ProgramFiles(x86)%\cinema video pro 2.1v03.04\31b64354-0289-4737-8508-465d7600a206-7.exe' /rawdata=hT4gmllJ+vk0kcUwEbldbGQKAX+vNO9TPIU1fmgDra2NyCTR94bK5e3ON17keAqR1ehMKYufQcV81cZ52E1Og0f+Xjv8x/bhKGymlEzPLQncNbGVLkIo6eHpnQbl9K/2umkdMZYTR6afYYixS4APdsdbrNxzSIUI3frT1WxnGjpU6CFBfmJYScuD...' (with hidden window)
- '%ProgramFiles(x86)%\cinema video pro 2.1v03.04\31b64354-0289-4737-8508-465d7600a206-3.exe' /rawdata=Sd8P/swldY587ugB3AulEx/LgaBMQLXmksEgGmf08VwhbAgtzy0fwi+LkwQVHmqPT5u/MhsF1pCWxjlhUQHU8qScg5zkEY6G9VxmpT+5TByHYkTZQk2qiixLVydjoztWeo42eZEgKvSQAR2k25sWRR5NFzdA31IJMw0Ct9KZINRLEorUjfexHoZA...' (with hidden window)
- '%ProgramFiles(x86)%\cinema video pro 2.1v03.04\31b64354-0289-4737-8508-465d7600a206-4.exe' /rawdata=s0apcmmQS6JRegSvBKxPhnQE+eT7zAID1jZOdWpIVQOMm1PeyYoZ0IyedGFs6Ccnw/64eYMAIMbQpP1/yF0cZVH95z58oXdV3wz2/WUT9yCGfdzXMkRohteVeDgTVBkzF+p/trbO1pusUMBiW5oWtOYh3+dfC/kFJVdNfOgeK6mHmkAbwhphHk7n...' (with hidden window)