Technical Information
To ensure autorun and distribution:
Creates the following services:
- [<HKLM>\SYSTEM\ControlSet001\Services\service_launcher_core] 'ImagePath' = '"%ALLUSERSPROFILE%\Application Data\MicrosoftCoreLiveUpdateEngine\smss.exe"'
- [<HKLM>\SYSTEM\ControlSet001\Services\service_launcher_core] 'Start' = '00000002'
Malicious functions:
Executes the following:
- '%ALLUSERSPROFILE%\Application Data\MicrosoftCoreLiveUpdateEngine\smss.exe'
- '%ALLUSERSPROFILE%\Application Data\MicrosoftCoreLiveUpdateEngine\smss.exe' SERVICE_INSTALL
Modifies file system:
Creates the following files:
- C:\Documents and Settings\LocalService\Application Data\Red.txt
- C:\Documents and Settings\LocalService\Application Data\clZ.txt
- C:\Documents and Settings\LocalService\Application Data\yb3.txt
- C:\Documents and Settings\LocalService\Application Data\Q0h5GwqOPNo.txt
- C:\Documents and Settings\LocalService\Application Data\r3OPmQOoJYi.txt
- C:\Documents and Settings\LocalService\Application Data\nuN1.txt
- C:\Documents and Settings\LocalService\Application Data\AKlhxPV.txt
- C:\Documents and Settings\LocalService\Application Data\WiHsbz.txt
- C:\Documents and Settings\LocalService\Application Data\c4uQpQAY22.txt
- C:\Documents and Settings\LocalService\Application Data\8bPtWHd0yd.txt
- C:\Documents and Settings\LocalService\Application Data\yR2ynJusl.txt
- C:\Documents and Settings\LocalService\Application Data\EJObpUc.txt
- C:\Documents and Settings\LocalService\Application Data\1Eff.txt
- C:\Documents and Settings\LocalService\Application Data\CBEg4rxSc.txt
- C:\Documents and Settings\LocalService\Application Data\V7g.txt
- C:\Documents and Settings\LocalService\Application Data\jKzS.txt
- C:\Documents and Settings\LocalService\Application Data\0G4iD.txt
- C:\Documents and Settings\LocalService\Application Data\VwcbFmj1.txt
- C:\Documents and Settings\LocalService\Application Data\nvSb.txt
- C:\Documents and Settings\LocalService\Application Data\hYqTD5.txt
- C:\Documents and Settings\LocalService\Application Data\apWJpob.txt
- C:\Documents and Settings\LocalService\Application Data\DLWVGkjV.txt
- C:\Documents and Settings\LocalService\Application Data\wKvOzpdBwH.txt
- C:\Documents and Settings\LocalService\Application Data\1LXDYO3q.txt
- C:\Documents and Settings\LocalService\Application Data\F6kS4X3.txt
- C:\Documents and Settings\LocalService\Application Data\BDtAFN.txt
- C:\Documents and Settings\LocalService\Application Data\zlk3mo.txt
- C:\Documents and Settings\LocalService\Application Data\SNKD1o2KPU.txt
- C:\Documents and Settings\LocalService\Application Data\6mRXs5i.txt
- C:\Documents and Settings\LocalService\Application Data\TRp8.txt
- C:\Documents and Settings\LocalService\Application Data\FsE0.txt
- C:\Documents and Settings\LocalService\Application Data\KRFVS9nWy26.txt
- C:\Documents and Settings\LocalService\Application Data\lYRj.txt
- C:\Documents and Settings\LocalService\Application Data\adbsmk.txt
- C:\Documents and Settings\LocalService\Application Data\rWkb8OsNlK.txt
- C:\Documents and Settings\LocalService\Application Data\JZNVFvpj.txt
- C:\Documents and Settings\LocalService\Application Data\dtO.txt
- C:\Documents and Settings\LocalService\Application Data\P3h0.txt
- C:\Documents and Settings\LocalService\Application Data\1KBC77.txt
- C:\Documents and Settings\LocalService\Application Data\aZIg.txt
- C:\Documents and Settings\LocalService\Application Data\VzUL.txt
- C:\Documents and Settings\LocalService\Application Data\ENPQHmsKJy.txt
- C:\Documents and Settings\LocalService\Application Data\K6vLuzgT.txt
- C:\Documents and Settings\LocalService\Application Data\YwzsU2r0Mdg.txt
- C:\Documents and Settings\LocalService\Application Data\NJMon26Zsb.txt
- C:\Documents and Settings\LocalService\Application Data\Op4b.txt
- C:\Documents and Settings\LocalService\Application Data\RNVN.txt
- %ALLUSERSPROFILE%\Application Data\MicrosoftCoreLiveUpdateEngine\smss.InstallState
- C:\Documents and Settings\LocalService\Application Data\EkQ2Fgb8TC.txt
- C:\Documents and Settings\LocalService\Application Data\JcXgRk4G.txt
- C:\Documents and Settings\LocalService\Application Data\q6c.txt
- C:\Documents and Settings\LocalService\Application Data\0GaBDYmd59u.txt
- C:\Documents and Settings\LocalService\Application Data\JmKMAhzm.txt
- C:\Documents and Settings\LocalService\Application Data\DuaCxliv4jW.txt
- C:\Documents and Settings\LocalService\Application Data\kWmywJNf1rr.txt
- C:\Documents and Settings\LocalService\Application Data\V7WK0sT7Vg.txt
- C:\Documents and Settings\LocalService\Application Data\tyS5aQL.txt
- C:\Documents and Settings\LocalService\Application Data\LFhqCSZuZt.txt
- C:\Documents and Settings\LocalService\Application Data\B7IJzi4Rk.txt
- C:\Documents and Settings\LocalService\Application Data\ECO1.txt
- C:\Documents and Settings\LocalService\Application Data\l28FFUJD9Or.txt
- C:\Documents and Settings\LocalService\Application Data\Z05g.txt
- C:\Documents and Settings\LocalService\Application Data\yqpA86YBGyq.txt
- C:\Documents and Settings\LocalService\Application Data\uVarl.txt
- C:\Documents and Settings\LocalService\Application Data\9zVIVwi.txt
- C:\Documents and Settings\LocalService\Application Data\03LIFP.txt
- C:\Documents and Settings\LocalService\Application Data\Qel.txt
- C:\Documents and Settings\LocalService\Application Data\V8UqCMycIU.txt
- C:\Documents and Settings\LocalService\Application Data\4KG8qA7Rn6x.txt
- C:\Documents and Settings\LocalService\Application Data\zwleAhJYKji.txt
- C:\Documents and Settings\LocalService\Application Data\sRm7.txt
- C:\Documents and Settings\LocalService\Application Data\ClQi3GjiM3u.txt
- C:\Documents and Settings\LocalService\Application Data\2wsM4.txt
- C:\Documents and Settings\LocalService\Application Data\gBLNYr.txt
- C:\Documents and Settings\LocalService\Application Data\vq2wnmx.txt
- C:\Documents and Settings\LocalService\Application Data\2e6i.txt
- C:\Documents and Settings\LocalService\Application Data\3FkPe9Kv.txt
- C:\Documents and Settings\LocalService\Application Data\1PfsiivjgeO.txt
- C:\Documents and Settings\LocalService\Application Data\bALA.txt
- C:\Documents and Settings\LocalService\Application Data\v4yVtgLeR.txt
- C:\Documents and Settings\LocalService\Application Data\no3jQL.txt
- C:\Documents and Settings\LocalService\Application Data\RSBV.txt
- %ALLUSERSPROFILE%\Application Data\MicrosoftCoreLiveUpdateEngine\serial.sn
- C:\Documents and Settings\LocalService\Application Data\8MVG8j.txt
- C:\Documents and Settings\LocalService\Application Data\lAVQCdlXU.txt
- C:\Documents and Settings\LocalService\Application Data\gh80joE.txt
- C:\Documents and Settings\LocalService\Application Data\DvIH.txt
- C:\Documents and Settings\LocalService\Application Data\OkyQ93hUR.txt
- C:\Documents and Settings\LocalService\Application Data\RkjRExvM8Oj.txt
- C:\Documents and Settings\LocalService\Application Data\0u1mP.txt
- C:\Documents and Settings\LocalService\Application Data\nif58bEqFp.txt
- C:\Documents and Settings\LocalService\Application Data\WCt.txt
- C:\Documents and Settings\LocalService\Application Data\sW2.txt
- C:\Documents and Settings\LocalService\Application Data\aSq5PAQK.txt
- C:\Documents and Settings\LocalService\Application Data\J287.txt
- C:\Documents and Settings\LocalService\Application Data\304.txt
- C:\Documents and Settings\LocalService\Application Data\RHILR.txt
- C:\Documents and Settings\LocalService\Application Data\ClxYS.txt
- C:\Documents and Settings\LocalService\Application Data\P7AvAdbY5CX.txt
- C:\Documents and Settings\LocalService\Application Data\4pYpUn.txt
- C:\Documents and Settings\LocalService\Application Data\2N79icQ.txt
- C:\Documents and Settings\LocalService\Application Data\KEdvWK.txt
- C:\Documents and Settings\LocalService\Application Data\yT05OKv1MG.txt
- C:\Documents and Settings\LocalService\Application Data\MZjyY.txt
- C:\Documents and Settings\LocalService\Application Data\gkOziDIv.txt
- C:\Documents and Settings\LocalService\Application Data\jckTQHx.txt
- C:\Documents and Settings\LocalService\Application Data\8VNMdatV4ME.txt
- C:\Documents and Settings\LocalService\Application Data\HAo.txt
- C:\Documents and Settings\LocalService\Application Data\l4norZ7fFdm.txt
- C:\Documents and Settings\LocalService\Application Data\ekNxGNlf.txt
- C:\Documents and Settings\LocalService\Application Data\6Pqo.txt
- C:\Documents and Settings\LocalService\Application Data\fAJZcpJW.txt
- C:\Documents and Settings\LocalService\Application Data\7IYZNd.txt
- C:\Documents and Settings\LocalService\Application Data\fgdIrYYrt.txt
- C:\Documents and Settings\LocalService\Application Data\XLnBuiQA.txt
- C:\Documents and Settings\LocalService\Application Data\lFGdNMT.txt
- C:\Documents and Settings\LocalService\Application Data\Lnf2QaN.txt
- C:\Documents and Settings\LocalService\Application Data\8XYpU.txt
- C:\Documents and Settings\LocalService\Application Data\sNa.txt
- C:\Documents and Settings\LocalService\Application Data\JgRjLOU.txt
- C:\Documents and Settings\LocalService\Application Data\Y76Nsl4.txt
- C:\Documents and Settings\LocalService\Application Data\UrveeYxTm.txt
- C:\Documents and Settings\LocalService\Application Data\x34C97sECY.txt
- C:\Documents and Settings\LocalService\Application Data\G5Hxqx1lmi7.txt
- C:\Documents and Settings\LocalService\Application Data\LIxQ86LiFt.txt
- C:\Documents and Settings\LocalService\Application Data\CzR.txt
- C:\Documents and Settings\LocalService\Application Data\qWIhAKTu4a.txt
- C:\Documents and Settings\LocalService\Application Data\Ad7qLsZbv.txt
- C:\Documents and Settings\LocalService\Application Data\RAnJB05.txt
- C:\Documents and Settings\LocalService\Application Data\JHuX.txt
- C:\Documents and Settings\LocalService\Application Data\rLJQkb3U.txt
- C:\Documents and Settings\LocalService\Application Data\SzYPznwnTRl.txt
- C:\Documents and Settings\LocalService\Application Data\tXHYLwLkS.txt
- C:\Documents and Settings\LocalService\Application Data\zPowYnP.txt
- C:\Documents and Settings\LocalService\Application Data\zjy1w.txt
- C:\Documents and Settings\LocalService\Application Data\YSxye9HM.txt
- C:\Documents and Settings\LocalService\Application Data\ayK.txt
- C:\Documents and Settings\LocalService\Application Data\NR6kP5R1SR.txt
- C:\Documents and Settings\LocalService\Application Data\SiV.txt
- C:\Documents and Settings\LocalService\Application Data\ahLxWe.txt
- C:\Documents and Settings\LocalService\Application Data\8IxKQ.txt
- C:\Documents and Settings\LocalService\Application Data\XF3P85n.txt
- C:\Documents and Settings\LocalService\Application Data\nOPk.txt
- C:\Documents and Settings\LocalService\Application Data\FOdlViCV.txt
- C:\Documents and Settings\LocalService\Application Data\JppKAgA7i.txt
- C:\Documents and Settings\LocalService\Application Data\PFh.txt
- C:\Documents and Settings\LocalService\Application Data\nVtVm9N.txt
- C:\Documents and Settings\LocalService\Application Data\JC7M.txt
- C:\Documents and Settings\LocalService\Application Data\gRY.txt
- C:\Documents and Settings\LocalService\Application Data\N0rZncNV.txt
- C:\Documents and Settings\LocalService\Application Data\U2Q8.txt
- C:\Documents and Settings\LocalService\Application Data\s1dMgit.txt
- C:\Documents and Settings\LocalService\Application Data\GjVqS.txt
- C:\Documents and Settings\LocalService\Application Data\jvNcR.txt
- C:\Documents and Settings\LocalService\Application Data\vegn0D3.txt
- C:\Documents and Settings\LocalService\Application Data\AdmVbOQ2Ed.txt
- C:\Documents and Settings\LocalService\Application Data\tfzxJZ2vT5r.txt
- C:\Documents and Settings\LocalService\Application Data\MX5.txt
- C:\Documents and Settings\LocalService\Application Data\52Cgx.txt
- C:\Documents and Settings\LocalService\Application Data\0rpQnoR46QV.txt
- C:\Documents and Settings\LocalService\Application Data\HUgR3L.txt
- C:\Documents and Settings\LocalService\Application Data\FTmsZjuilx.txt
- C:\Documents and Settings\LocalService\Application Data\ZTEi1KtrRC.txt
- C:\Documents and Settings\LocalService\Application Data\yNM76f.txt
- C:\Documents and Settings\LocalService\Application Data\3Xt9gG.txt
- C:\Documents and Settings\LocalService\Application Data\WiLCXl.txt
- C:\Documents and Settings\LocalService\Application Data\vQmpFm9.txt
- C:\Documents and Settings\LocalService\Application Data\1dW6VIDO8L4.txt
- C:\Documents and Settings\LocalService\Application Data\jLDfCgvHZkh.txt
- C:\Documents and Settings\LocalService\Application Data\vJjO.txt
- C:\Documents and Settings\LocalService\Application Data\mmQhf.txt
- C:\Documents and Settings\LocalService\Application Data\kS1vX.txt
- C:\Documents and Settings\LocalService\Application Data\s2VOq2wVVYe.txt
- C:\Documents and Settings\LocalService\Application Data\gEs1EHLeYk.txt
- C:\Documents and Settings\LocalService\Application Data\UHuWLW.txt
- C:\Documents and Settings\LocalService\Application Data\wBmgenzl2Y.txt
- C:\Documents and Settings\LocalService\Application Data\egYHe3C7p.txt
- C:\Documents and Settings\LocalService\Application Data\6RljZ7VMDgX.txt
- C:\Documents and Settings\LocalService\Application Data\kWZ2zppL5Xv.txt
- C:\Documents and Settings\LocalService\Application Data\QZb.txt
- C:\Documents and Settings\LocalService\Application Data\RhoF22.txt
- C:\Documents and Settings\LocalService\Application Data\3fSZWXjO.txt
- C:\Documents and Settings\LocalService\Application Data\9hAxcBtrXz.txt
- C:\Documents and Settings\LocalService\Application Data\SidJOI.txt
- C:\Documents and Settings\LocalService\Application Data\VCc4h.txt
- C:\Documents and Settings\LocalService\Application Data\Kr8PNzat6GR.txt
- C:\Documents and Settings\LocalService\Application Data\3wLBUcRuUQ1.txt
- C:\Documents and Settings\LocalService\Application Data\ReAPx0ksDUj.txt
- C:\Documents and Settings\LocalService\Application Data\pj06d5EI.txt
- C:\Documents and Settings\LocalService\Application Data\KFkppc2.txt
- C:\Documents and Settings\LocalService\Application Data\mhLN3.txt
- C:\Documents and Settings\LocalService\Application Data\bJYWLK8qM3J.txt
- C:\Documents and Settings\LocalService\Application Data\aj6A4bm8hhD.txt
- C:\Documents and Settings\LocalService\Application Data\7G5i.txt
- C:\Documents and Settings\LocalService\Application Data\pjg.txt
- C:\Documents and Settings\LocalService\Application Data\SYfXS2.txt
- C:\Documents and Settings\LocalService\Application Data\fm2DVT2hfS7.txt
- C:\Documents and Settings\LocalService\Application Data\ZYV.txt
- C:\Documents and Settings\LocalService\Application Data\bep0PHDtfJ.txt
- C:\Documents and Settings\LocalService\Application Data\uBY.txt
- C:\Documents and Settings\LocalService\Application Data\ouV4zIX.txt
- C:\Documents and Settings\LocalService\Application Data\Hp7VCdi.txt
- C:\Documents and Settings\LocalService\Application Data\zDHY7.txt
- C:\Documents and Settings\LocalService\Application Data\Rr2kOzOuIM.txt
- C:\Documents and Settings\LocalService\Application Data\fskK.txt
- C:\Documents and Settings\LocalService\Application Data\dLdo.txt
- C:\Documents and Settings\LocalService\Application Data\fXIhvHY4zuf.txt
- C:\Documents and Settings\LocalService\Application Data\1pjWE.txt
- C:\Documents and Settings\LocalService\Application Data\f3khHbPit.txt
- C:\Documents and Settings\LocalService\Application Data\ISQt.txt
- C:\Documents and Settings\LocalService\Application Data\WOABoYngdy.txt
- C:\Documents and Settings\LocalService\Application Data\s0eDI0hzFT.txt
- C:\Documents and Settings\LocalService\Application Data\AklQHVvU.txt
- C:\Documents and Settings\LocalService\Application Data\ibFn.txt
- C:\Documents and Settings\LocalService\Application Data\QiPFveeawk5.txt
- C:\Documents and Settings\LocalService\Application Data\notyY.txt
- %APPDATA%\ijM.txt
- %APPDATA%\tfgxiKC.txt
- %APPDATA%\B3R7.txt
- %APPDATA%\iTK.txt
- %APPDATA%\RgoRgNS4ear.txt
- %APPDATA%\lq0fJ7.txt
- %APPDATA%\ngcd7fCk.txt
- %APPDATA%\cL0H.txt
- %APPDATA%\0Koq.txt
- %APPDATA%\FA1ABLSa.txt
- %APPDATA%\7kA8Dhd.txt
- %APPDATA%\1VG.txt
- %APPDATA%\9Tb9rkfHTEj.txt
- %APPDATA%\WSdO.txt
- %APPDATA%\nnH.txt
- %APPDATA%\tLk0.txt
- %APPDATA%\Cxmu.txt
- %APPDATA%\HqJTwdBXO.txt
- %APPDATA%\Yw5BN6Tri.txt
- %APPDATA%\Zzce.txt
- %APPDATA%\a1KRZ.txt
- %APPDATA%\xq93Rmw.txt
- %APPDATA%\IvFxfUdyv.txt
- %APPDATA%\OzGAsrzL.txt
- %APPDATA%\0e2iypo.txt
- %APPDATA%\6ilE7eHOD97.txt
- %APPDATA%\uIbOe3jC.txt
- %APPDATA%\xRp.txt
- %APPDATA%\8A4mWYH6uEY.txt
- %APPDATA%\77YkHJJ0.txt
- %APPDATA%\uFucBgypLZ.txt
- %APPDATA%\o6Io61Nu.txt
- %APPDATA%\gokR.txt
- %APPDATA%\nOgcvW4.txt
- %APPDATA%\YB34B.txt
- %APPDATA%\XOLJhych.txt
- %APPDATA%\oNC4.txt
- %APPDATA%\MgW1aD3mf.txt
- %APPDATA%\mvg.txt
- %APPDATA%\ZxZ4lWBAc.txt
- %APPDATA%\rUGbL.txt
- %APPDATA%\5g2ZVaJBOgX.txt
- %APPDATA%\pSFfWQi.txt
- %APPDATA%\iloinnE25hx.txt
- %APPDATA%\jr8.txt
- %APPDATA%\KiCKMepvPV.txt
- %APPDATA%\NKVcUsSwBB.txt
- %APPDATA%\YseNq6ti.txt
- %APPDATA%\dbNMZGa2R.txt
- %APPDATA%\IuW9qrUW1r.txt
- %APPDATA%\zE1ik.txt
- %APPDATA%\STvLbRp6Qit.txt
- %APPDATA%\k6iQ.txt
- %APPDATA%\9dIHew.txt
- %APPDATA%\2wsM4.txt
- %APPDATA%\V8UqCMycIU.txt
- %APPDATA%\4KG8qA7Rn6x.txt
- %APPDATA%\notyY.txt
- %APPDATA%\sRm7.txt
- %APPDATA%\ClQi3GjiM3u.txt
- %APPDATA%\zwleAhJYKji.txt
- %APPDATA%\v4yVtgLeR.txt
- %APPDATA%\vq2wnmx.txt
- %APPDATA%\2e6i.txt
- %APPDATA%\gBLNYr.txt
- %APPDATA%\1PfsiivjgeO.txt
- %APPDATA%\bALA.txt
- %APPDATA%\miyhkKjT6.txt
- %APPDATA%\3NfecFI6h.txt
- %APPDATA%\muIDB.txt
- %APPDATA%\2oKToJv1.txt
- %APPDATA%\ijPsf0Ra.txt
- %APPDATA%\uFJpZN.txt
- %APPDATA%\M6p0.txt
- %APPDATA%\6A2TO8Rv.txt
- %APPDATA%\qX6MKSpPzG.txt
- %APPDATA%\DFeUP.txt
- %APPDATA%\3fiwSe.txt
- %APPDATA%\nxrUSO0HC.txt
- %APPDATA%\u5m.txt
- %APPDATA%\3FkPe9Kv.txt
- %APPDATA%\gqCcA3B.txt
- %APPDATA%\PbwoEL9.txt
- %APPDATA%\Ew6H.txt
- %APPDATA%\WAaOHwJqW5.txt
- %APPDATA%\zKTgrNwJ.txt
- %APPDATA%\kfxI1.txt
- %APPDATA%\On3TkkRN7z.txt
- %APPDATA%\Y32lh.txt
- %ALLUSERSPROFILE%\Application Data\MicrosoftCoreLiveUpdateEngine\smss.exe
- %APPDATA%\2EN7VPQFM.txt
- %APPDATA%\qiRSiPtt.txt
- %APPDATA%\v0VxQSxEY.txt
- %APPDATA%\Y64RT.txt
- %APPDATA%\kWmywJNf1rr.txt
- %APPDATA%\V7WK0sT7Vg.txt
- %APPDATA%\tyS5aQL.txt
- %APPDATA%\LFhqCSZuZt.txt
- %APPDATA%\B7IJzi4Rk.txt
- %APPDATA%\ECO1.txt
- %APPDATA%\l28FFUJD9Or.txt
- %APPDATA%\Z05g.txt
- %APPDATA%\WTFxKwR3c.txt
- %APPDATA%\nO0YXu.txt
- %APPDATA%\9zVIVwi.txt
- %APPDATA%\03LIFP.txt
- %APPDATA%\Qel.txt
- %APPDATA%\PzXVew9r.txt
- %APPDATA%\FrXviyJFI.txt
- %APPDATA%\hesKGo.txt
- %APPDATA%\Qk3CleKrRl9.txt
- %APPDATA%\rd90r1.txt
- %APPDATA%\NzSyJ43xuSY.txt
- %APPDATA%\eMrADvLamia.txt
- %APPDATA%\P1FAJg5hL.txt
- %APPDATA%\7orPhbwBRC.txt
- %APPDATA%\Tyo.txt
- %APPDATA%\5wF7C3B.txt
- %APPDATA%\Ts46aO.txt
- %APPDATA%\o4nveBJ.txt
- %APPDATA%\XGcB0TW.txt
- %APPDATA%\94FKWqjX.txt
- %APPDATA%\cZEXLkuqWe.txt
- %APPDATA%\HwKwoav.txt
- %APPDATA%\FfLs2.txt
- %APPDATA%\KPjT8RJS.txt
- %APPDATA%\orGl2mQzS.txt
- %APPDATA%\t8hbfLOYt.txt
- %APPDATA%\W0uFe9IQZf.txt
- %APPDATA%\f9YJuzkQeju.txt
- %APPDATA%\Yd1jVFX.txt
- %APPDATA%\ufXSsJ.txt
- %APPDATA%\qR2h.txt
- %APPDATA%\BBG.txt
- %APPDATA%\SqC.txt
- C:\Documents and Settings\LocalService\Application Data\miyhkKjT6.txt
- C:\Documents and Settings\LocalService\Application Data\3NfecFI6h.txt
- C:\Documents and Settings\LocalService\Application Data\muIDB.txt
- C:\Documents and Settings\LocalService\Application Data\2oKToJv1.txt
- C:\Documents and Settings\LocalService\Application Data\ijPsf0Ra.txt
- C:\Documents and Settings\LocalService\Application Data\uFJpZN.txt
- C:\Documents and Settings\LocalService\Application Data\M6p0.txt
- C:\Documents and Settings\LocalService\Application Data\6A2TO8Rv.txt
- C:\Documents and Settings\LocalService\Application Data\qX6MKSpPzG.txt
- C:\Documents and Settings\LocalService\Application Data\DFeUP.txt
- C:\Documents and Settings\LocalService\Application Data\3fiwSe.txt
- C:\Documents and Settings\LocalService\Application Data\nxrUSO0HC.txt
- C:\Documents and Settings\LocalService\Application Data\u5m.txt
- %APPDATA%\izPD.txt
- %APPDATA%\qd5286r.txt
- %APPDATA%\kMLUCsl8YD.txt
- %APPDATA%\fnEtnxa.txt
- %APPDATA%\xu7.txt
- %APPDATA%\LAY4rfUOIzv.txt
- %APPDATA%\N37yxd0.txt
- %APPDATA%\yrIrFY.txt
- %APPDATA%\wEZPYYQnlv.txt
- %APPDATA%\kUP.txt
- %APPDATA%\NasFpl.txt
- %APPDATA%\ijZUrMJo3p.txt
- %APPDATA%\g4QgyDZ.txt
- %APPDATA%\qGo66ZMOIdc.txt
- %APPDATA%\BFJ6.txt
- %APPDATA%\oN8pm.txt
- %APPDATA%\2Lx.txt
- %APPDATA%\kWy0B.txt
- %APPDATA%\Qm7XScw.txt
- %APPDATA%\MhV99.txt
- %APPDATA%\4qCklTrU.txt
- %APPDATA%\iequ4.txt
- %APPDATA%\O3pUu.txt
- %APPDATA%\JBoXsX.txt
- %APPDATA%\hZbP5c.txt
- %APPDATA%\D4ARct.txt
- %APPDATA%\ZQ7gAJCpAM.txt
- %APPDATA%\zP5xpm1yG8j.txt
- %APPDATA%\nm5ALgtNc.txt
- %APPDATA%\osOwJB5lj.txt
- %APPDATA%\zWrsPLS.txt
- %APPDATA%\N3qg4Yw9a.txt
- %APPDATA%\Qwa2Fwx9.txt
- %ALLUSERSPROFILE%\Application Data\MicrosoftCoreLiveUpdateEngine\smss.InstallLog
- %APPDATA%\vu5Xx0Gd.txt
- %APPDATA%\lPNDlVCZ.txt
- %APPDATA%\8z64npm4.txt
- %APPDATA%\BdE.txt
- %APPDATA%\NnbKuUNaPni.txt
- %APPDATA%\05kcYHNJV2.txt
- %APPDATA%\X2Q38Egal9o.txt
- %APPDATA%\U6BOv.txt
- %APPDATA%\maFKBSpiDrn.txt
- %APPDATA%\W0TcE6z.txt
- %APPDATA%\3T8wJ5AGAM.txt
- %APPDATA%\sTldNxvIx8.txt
- %APPDATA%\TGM.txt
- %APPDATA%\dKl12oZwU.txt
- %APPDATA%\dQBlVRAEqfh.txt
- %APPDATA%\23bP5fO.txt
- %APPDATA%\dkO9I2.txt
- %APPDATA%\wOmm.txt
- %APPDATA%\RNOEX.txt
- %APPDATA%\gyUzkrm.txt
- %APPDATA%\WFAx4ey.txt
- %APPDATA%\iVMgMK2iRHX.txt
- %APPDATA%\UNraI5.txt
- %APPDATA%\K835.txt
- %APPDATA%\G4oeqy4Olz.txt
- %APPDATA%\SktN.txt
- %APPDATA%\mYrBXkr.txt
- %APPDATA%\urjp6VFU0.txt
- %APPDATA%\VTivRrZhS6.txt
- %APPDATA%\dOOYr5.txt
- %APPDATA%\FzA24KWoM1.txt
- %APPDATA%\w4JKx48vK.txt
- %APPDATA%\5TsX89Nd.txt
Sets the 'hidden' attribute to the following files:
- %ALLUSERSPROFILE%\Application Data\MicrosoftCoreLiveUpdateEngine\smss.exe
Network activity:
UDP:
- DNS ASK sR###OF4GR.com
- DNS ASK B3##fu.com
- DNS ASK OB##FhK.com
- DNS ASK 0M##wY.com
- DNS ASK Nw##.com
- DNS ASK W2##DDB.com
- DNS ASK EF##fZp.com
- DNS ASK 35###sC4.com
- DNS ASK Gc###6nuS.com
- DNS ASK gW###wZeKf4.com
- DNS ASK 9b##Rb.com
- DNS ASK Lx#.com
- DNS ASK 6E##qN.com
- DNS ASK Pr##l.com
- DNS ASK Xf###6BHwl.com
- DNS ASK li####date.mooo.com
- DNS ASK d3##uh.com
- DNS ASK Lc#.com
- DNS ASK pg##yq.com
- DNS ASK E4###hxjw.com
- DNS ASK FE##S.com
- DNS ASK MV##pQL.com
- DNS ASK tQ##z.com
- DNS ASK 8u###P03YKz.com
- DNS ASK Xc##.com
- DNS ASK AQ###HnrZdQ.com
- DNS ASK EP##h7E.com
- DNS ASK 9v###LtJVV.com
- DNS ASK RF###AhrxP.com
- DNS ASK 5n###KhaQj.com
- DNS ASK D4#.com
- DNS ASK X0###joRQ.com
- DNS ASK Zl##MgO.com
- DNS ASK fW##sSQ.com
- DNS ASK 1H##Jsc.com
- DNS ASK Ud#.com
- DNS ASK 7B##.com
- DNS ASK Wd##M2X.com
- DNS ASK Po###kL1XUc.com
- DNS ASK se###uyR3.com
- DNS ASK dV#.com
- DNS ASK He##6.com
- DNS ASK OX##v.com
- DNS ASK 5U##.com
- DNS ASK 1f##M.com
- DNS ASK m0###CBMj.com
- DNS ASK ij#.com
- DNS ASK Y3##rb.com
- DNS ASK iJ###QIM8H.com
- DNS ASK rb##.com
- DNS ASK qj##.com
- DNS ASK jt##1i.com
- DNS ASK Bw#.com
- DNS ASK UX#.com
- DNS ASK 0V##IoC.com
- DNS ASK A8##.com
- DNS ASK li##tTQ.com
- DNS ASK 2a###TFqGVF.com
- DNS ASK gU#.com
- DNS ASK B0###QiI.com
- DNS ASK 1J###FY3.com
- DNS ASK nY###kT4.com
- DNS ASK Le###ZLxjA.com
- DNS ASK X7###qrJY.com
- DNS ASK eF###YUUUQ.com
- DNS ASK 6h##da.com
- DNS ASK jQ##WqU.com
- DNS ASK Dt###fViT.com
- DNS ASK P7##6h.com
- DNS ASK mz##.com
- DNS ASK lT###bXgT7j.com
- DNS ASK cX##zm.com
- DNS ASK Yu##mS.com
- DNS ASK By##ib.com
- DNS ASK rU###VSzE.com
- DNS ASK Dk###kNZKh.com
- DNS ASK zD###Qp4VKz.com
- DNS ASK 0R##p5N.com
- DNS ASK x6##FmY.com
- DNS ASK ry##nOu.com
- DNS ASK pO###lWhCUe.com
- DNS ASK kI###y0X.com
- DNS ASK Bq#.com
- DNS ASK AK#.com
- DNS ASK Df##cRX.com
- DNS ASK Lh###CkLQ.com
- DNS ASK Fv##z8.com
- DNS ASK vB###gZ8.com
- DNS ASK w2###lYyYLm.com
- DNS ASK jb###hyC2D.com
- DNS ASK 97##TBk.com
- DNS ASK sA##.com
- DNS ASK w5###7w4aUp.com
- DNS ASK HM###T4D.com
- DNS ASK HE###ghh.com
- DNS ASK jc##gcq.com
- DNS ASK WG##48Y.com
- DNS ASK Mz###trojJ.com
- DNS ASK KE###vMuIH.com
- DNS ASK Rq##.com
- DNS ASK WC##fTP.com
- DNS ASK ig###W37.com
- DNS ASK P5##.com
- DNS ASK Qs##rl.com
- DNS ASK dk###vgL1Sb.com
- DNS ASK xW##.com
- DNS ASK ir##QXV.com
- DNS ASK xB##.com
- DNS ASK DJ##.com
- DNS ASK Bl###bdkrx.com
- DNS ASK af##.com
- DNS ASK Xe###Abb9nr.com
- DNS ASK tD##.com
- DNS ASK wT#.com
- DNS ASK 4h###fow.com
- DNS ASK Fh##um3.com
- DNS ASK UB#.com
- DNS ASK MY##5.com
- DNS ASK hN###xTNl.com
- DNS ASK 8H##zc.com
- DNS ASK Sw##X.com
- DNS ASK IW##P.com
- DNS ASK zz##.com
- DNS ASK nZ##.com
- DNS ASK lt#.com
- DNS ASK zy###bLDDU.com
- DNS ASK LV##m.com
- DNS ASK ur##O.com
- DNS ASK Ta###orhl2A.com
- DNS ASK uD##k.com
- DNS ASK 7v###8SwO.com
- DNS ASK Dc###xRN.com
- DNS ASK Y9###oznA.com
- DNS ASK hw###jXE.com
- DNS ASK H7##ReB.com
- DNS ASK 2n#.com
- DNS ASK O0##Jnz.com
- DNS ASK Oj###fAU.com
- DNS ASK 4X##.com
- DNS ASK 8i###XHlF.com
- DNS ASK 3y###W56g.com
- DNS ASK e3###1AcDQ.com
- DNS ASK k0##.com
- DNS ASK B2##dlw.com
- DNS ASK S8###Js9u.com
- DNS ASK 3S##6.com
- DNS ASK NB###GItEWx.com
- DNS ASK Mx##.com
- DNS ASK Y9#.com
- DNS ASK dg##Uwe.com
- DNS ASK HA###MCnTYC.com
- DNS ASK YT#.com
- DNS ASK gN#.com
- DNS ASK FM##l.com
- DNS ASK 9E###KHE5sV.com
- DNS ASK 0P#.com
- DNS ASK jn##5.com
- DNS ASK 4S##.com
- DNS ASK Ri###3Yc.com
- DNS ASK PA#.com
- DNS ASK 4B##L.com
- DNS ASK qX###BTyUs.com
- DNS ASK sy##.com
