Technical Information
- %TEMP%\nsi2.tmp
- %TEMP%\7za.exe
- %TEMP%\a1.7z
- %TEMP%\a2.7z
- %TEMP%\nsw3.tmp\ExecDos.dll
- %TEMP%\Setup.exe
- %TEMP%\gvnzz.exe
- %TEMP%\nsq5.tmp
- %TEMP%\Lconf
- <SYSTEM32>\ieframe.dll
- %TEMP%\is-9ISSD.tmp\Setup.tmp
- %TEMP%\is-1IV2K.tmp\_isetup\_RegDLL.tmp
- %TEMP%\is-1IV2K.tmp\_isetup\_shfoldr.dll
- %TEMP%\nsc6.tmp\ExecDos.dll
- %TEMP%\setupv.exe
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\KHMHGZ4F\movies[1]
- %TEMP%\nsw3.tmp\ExecDos.dll
- %TEMP%\nsc6.tmp\ExecDos.dll
- 'localhost':1036
- 'fl###rect.com':80
- http://www.fl###rect.com/movies/?af############# via fl###rect.com
- DNS ASK www.fl###rect.com
- ClassName: '' WindowName: 'FLV Direct Installation'
- ClassName: 'Button' WindowName: 'OK'
- ClassName: '' WindowName: 'File Download - Security Warning'
- ClassName: 'Button' WindowName: 'Skip'
- ClassName: 'Button' WindowName: 'Done'
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- '%TEMP%\7za.exe' x %TEMP%\a2.7z -aoa -o%HOMEPATH%\Local Settings\Temp -pmilfsex
- '%TEMP%\7za.exe' x %TEMP%\a1.7z -aoa -o%HOMEPATH%\Local Settings\Temp -pmilfsex
- '%TEMP%\gvnzz.exe'
- '%TEMP%\Setup.exe'
- '%TEMP%\is-9ISSD.tmp\Setup.tmp' /SL5="$40092,3861582,53248,%TEMP%\Setup.exe"
- '%TEMP%\7za.exe' x %TEMP%\a1.7z -aoa -o%HOMEPATH%\Local Settings\Temp -p123456789loudmo
- '%TEMP%\setupv.exe'