Technical Information
- '%APPDATA%\Microsoft\rmid.exe'
- '%APPDATA%\Microsoft\rmid.exe' (downloaded from the Internet)
- %HOMEPATH%\My Documents\Downloads\MSN Gaming Zone-crack.exe
- %HOMEPATH%\My Documents\Downloads\NetMeeting-crack.exe
- %HOMEPATH%\My Documents\Downloads\MSBuild-crack.exe
- %HOMEPATH%\My Documents\Downloads\MSN-crack.exe
- %HOMEPATH%\My Documents\Downloads\Reference Assemblies-crack.exe
- %HOMEPATH%\My Documents\Downloads\Uninstall Information-crack.exe
- %HOMEPATH%\My Documents\Downloads\Online Services-crack.exe
- %HOMEPATH%\My Documents\Downloads\Outlook Express-crack.exe
- %HOMEPATH%\My Documents\Downloads\Movie Maker-crack.exe
- %HOMEPATH%\My Documents\Downloads\ComPlus Applications-crack.exe
- %HOMEPATH%\My Documents\Downloads\FireFox-crack.exe
- %APPDATA%\Microsoft\rmid.exe
- %HOMEPATH%\My Documents\Downloads\Common Files-crack.exe
- %HOMEPATH%\My Documents\Downloads\microsoft frontpage-crack.exe
- %HOMEPATH%\My Documents\Downloads\Microsoft.NET-crack.exe
- %HOMEPATH%\My Documents\Downloads\Internet Explorer-crack.exe
- %HOMEPATH%\My Documents\Downloads\Messenger-crack.exe
- 'ta####.zapto.org':80
- 'wp#d':80
- ta####.zapto.org/downloader/miner/download/rmid.exe
- wp#d/wpad.dat
- DNS ASK ta####.zapto.org
- DNS ASK wp#d