Technical Information
- %TEMP%\is-lfmon.tmp\is-b25co.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-ctqa2.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-1sc99.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-09d9k.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-jru0g.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-kcjt4.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-0mkvi.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-9l4bu.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-tjbb6.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-kgodm.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-rhkpd.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-j2hg6.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-ruf70.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-tpjfc.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-9f3fi.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-cb3i2.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-a1ono.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-d9iic.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-p7beq.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-2d6ha.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-arf32.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-k57m0.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-a4fnt.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-1k1hn.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\unins000.dat
- %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-lbshd.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-l24of.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\help\is-nhfhr.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\help\is-h8e6p.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-1ougd.tmp
- %TEMP%\is-6f7t3.tmp\_isetup\_shfoldr.dll
- %TEMP%\is-6f7t3.tmp\_iscrypt.dll
- %ProgramFiles(x86)%\tcmole clone remover 4.10\is-1h0k4.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\is-m7sqj.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\is-8rkr5.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\is-cdbv6.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\is-iq2pi.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\is-7ccsq.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\is-0cv98.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-od2kn.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-vl0g9.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\cloneremover.exe
- %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-gf1dh.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-3bv5c.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-utke0.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-8vh10.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-bhfk5.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-hhup5.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-t31cg.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-f48ge.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-kgmke.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-66ppi.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-i609g.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-0jq8f.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-293fj.tmp
- %TEMP%\is-6f7t3.tmp\_isetup\_setup64.tmp
- %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-7pp8f.tmp
- %TEMP%\gwqsaf.txt
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\is-1h0k4.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\unins000.exe
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-l24of.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\10.gif
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-ctqa2.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\11.gif
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-1sc99.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\12.gif
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-09d9k.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\13.gif
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-jru0g.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\14.gif
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-kcjt4.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\15.gif
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-0mkvi.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\16.gif
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-9l4bu.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\17.gif
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-tjbb6.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\18.gif
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-kgodm.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\19.gif
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-j2hg6.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\20.gif
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-a4fnt.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\8.gif
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-tpjfc.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\21.gif
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-gf1dh.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\22.gif
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-9f3fi.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\23.gif
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-cb3i2.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\24.gif
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-a1ono.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\25.gif
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-d9iic.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\3.gif
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-p7beq.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\4.gif
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-2d6ha.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\5.gif
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-arf32.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\6.gif
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-k57m0.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\7.gif
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-lbshd.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\1.gif
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-rhkpd.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\2.gif
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\help\is-nhfhr.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\help\index.html
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-7pp8f.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\language\english.mlg
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\is-m7sqj.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\cloneremover.exe
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\is-8rkr5.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\homepage.url
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\is-cdbv6.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\license.txt
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\is-iq2pi.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\readme.txt
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\is-7ccsq.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\delzip179.dll
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\is-0cv98.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\unrar.dll
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-od2kn.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\language\brazilian.mlg
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-vl0g9.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\language\bulgarian.mlg
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-3bv5c.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\language\chinese.mlg
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-ruf70.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\language\dutch.mlg
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-utke0.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\language\french.mlg
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-1ougd.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\language\swedish.mlg
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-8vh10.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\language\french2.mlg
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-bhfk5.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\language\german.mlg
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-hhup5.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\language\hungarian.mlg
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-t31cg.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\language\italian.mlg
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-f48ge.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\language\persian.mlg
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-kgmke.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\language\portugues.mlg
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-66ppi.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\language\romanian.mlg
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-i609g.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\language\russian.mlg
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-0jq8f.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\language\slovak.mlg
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\language\is-293fj.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\language\spanish.mlg
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\help\is-h8e6p.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\help\index-ru.html
- from %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\is-1k1hn.tmp to %ProgramFiles(x86)%\tcmole clone remover 4.10\help\img\9.gif
- 'id###angede.cf':80
- http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab?69########
- http://id###angede.cf/new/net_api
- DNS ASK id###angede.cf
- ClassName: '{E49137E0-92ED-4579-9251-A108AC2F8CD1}' WindowName: ''
- '%TEMP%\is-lfmon.tmp\is-b25co.tmp' /SL4 $180164 "<Full path to file>" 5164480 52224
- '%ProgramFiles(x86)%\tcmole clone remover 4.10\cloneremover.exe'
- '%ProgramFiles(x86)%\tcmole clone remover 4.10\cloneremover.exe' 49d9d9d3668827259d726663dc8bf3a9
- '%WINDIR%\syswow64\schtasks.exe' /Query
- '%WINDIR%\syswow64\schtasks.exe' /Delete /F /TN "CloneRemover 3.9"