Technical Information
- %TEMP%\is-ab3a5.tmp\is-s8v0t.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-s4b56.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-mpb3k.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-uikb3.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-uppsn.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-5tii1.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-ll6et.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-ftcqf.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-v42sh.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-9a8g3.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-7i106.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-5rhnt.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-3t1v7.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-i7sio.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-19q18.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-dgnk6.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-b05j2.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-ulleq.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-1juvq.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-nnpk1.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-9ftla.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-h5k90.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-5opdl.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-e3vg6.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\unins000.dat
- %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-92kd2.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-8p63i.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\help\is-2vfok.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\help\is-0faep.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-0ph59.tmp
- %TEMP%\is-acka9.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-acka9.tmp\_iscrypt.dll
- %ProgramFiles(x86)%\szmole clone remover 4.8\is-0vgtt.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\is-4q1i5.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\is-e54io.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\is-b0atv.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\is-5b6va.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\is-l18ka.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\is-7444i.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-28lq2.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-tquqn.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\cloneremover.exe
- %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-o1ee4.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-4t788.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-rkkiq.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-l61rm.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-mec7e.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-vlfuc.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-cgpub.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-v590d.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-rhdm0.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-tubq4.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-jgc83.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-627c4.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-vojnk.tmp
- %TEMP%\is-acka9.tmp\_isetup\_setup64.tmp
- %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-0u2i9.tmp
- %TEMP%\gwqsaf.txt
- from %ProgramFiles(x86)%\szmole clone remover 4.8\is-0vgtt.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\unins000.exe
- from %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-8p63i.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\10.gif
- from %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-s4b56.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\11.gif
- from %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-mpb3k.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\12.gif
- from %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-uikb3.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\13.gif
- from %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-uppsn.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\14.gif
- from %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-5tii1.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\15.gif
- from %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-ll6et.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\16.gif
- from %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-ftcqf.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\17.gif
- from %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-v42sh.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\18.gif
- from %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-9a8g3.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\19.gif
- from %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-5rhnt.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\20.gif
- from %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-5opdl.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\8.gif
- from %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-i7sio.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\21.gif
- from %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-o1ee4.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\22.gif
- from %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-19q18.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\23.gif
- from %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-dgnk6.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\24.gif
- from %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-b05j2.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\25.gif
- from %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-ulleq.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\3.gif
- from %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-1juvq.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\4.gif
- from %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-nnpk1.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\5.gif
- from %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-9ftla.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\6.gif
- from %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-h5k90.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\7.gif
- from %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-92kd2.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\1.gif
- from %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-7i106.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\2.gif
- from %ProgramFiles(x86)%\szmole clone remover 4.8\help\is-2vfok.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\help\index.html
- from %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-0u2i9.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\language\english.mlg
- from %ProgramFiles(x86)%\szmole clone remover 4.8\is-4q1i5.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\cloneremover.exe
- from %ProgramFiles(x86)%\szmole clone remover 4.8\is-e54io.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\homepage.url
- from %ProgramFiles(x86)%\szmole clone remover 4.8\is-b0atv.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\license.txt
- from %ProgramFiles(x86)%\szmole clone remover 4.8\is-5b6va.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\readme.txt
- from %ProgramFiles(x86)%\szmole clone remover 4.8\is-l18ka.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\delzip179.dll
- from %ProgramFiles(x86)%\szmole clone remover 4.8\is-7444i.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\unrar.dll
- from %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-28lq2.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\language\brazilian.mlg
- from %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-tquqn.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\language\bulgarian.mlg
- from %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-4t788.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\language\chinese.mlg
- from %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-3t1v7.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\language\dutch.mlg
- from %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-rkkiq.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\language\french.mlg
- from %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-0ph59.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\language\swedish.mlg
- from %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-l61rm.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\language\french2.mlg
- from %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-mec7e.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\language\german.mlg
- from %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-vlfuc.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\language\hungarian.mlg
- from %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-cgpub.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\language\italian.mlg
- from %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-v590d.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\language\persian.mlg
- from %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-rhdm0.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\language\portugues.mlg
- from %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-tubq4.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\language\romanian.mlg
- from %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-jgc83.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\language\russian.mlg
- from %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-627c4.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\language\slovak.mlg
- from %ProgramFiles(x86)%\szmole clone remover 4.8\language\is-vojnk.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\language\spanish.mlg
- from %ProgramFiles(x86)%\szmole clone remover 4.8\help\is-0faep.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\help\index-ru.html
- from %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\is-e3vg6.tmp to %ProgramFiles(x86)%\szmole clone remover 4.8\help\img\9.gif
- 'id###angede.cf':80
- http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab?69########
- http://id###angede.cf/new/net_api
- DNS ASK id###angede.cf
- ClassName: '{13E497E0-92ED-4579-9251-F2A108AC8CD1}' WindowName: ''
- '%TEMP%\is-ab3a5.tmp\is-s8v0t.tmp' /SL4 $F0104 "<Full path to file>" 5287711 52224
- '%ProgramFiles(x86)%\szmole clone remover 4.8\cloneremover.exe'
- '%ProgramFiles(x86)%\szmole clone remover 4.8\cloneremover.exe' 6e96487c1bf711f5a1a30d54fb46732b
- '%WINDIR%\syswow64\schtasks.exe' /Query
- '%WINDIR%\syswow64\schtasks.exe' /Delete /F /TN "CloneRemover 3.9"