Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'ultracopier' = '"%TEMP%\RarSFX0\ultracopier.exe"'
- '%TEMP%\RarSFX0\ultracopier.exe'
- '<SYSTEM32>\regsvr32.exe' /s C:/DOCUME~1/%USERNAME%/LOCALS~1/Temp/RarSFX0\PluginLoader\catchcopy-v0002\catchcopy64.dll
- '<SYSTEM32>\regsvr32.exe' /s C:/DOCUME~1/%USERNAME%/LOCALS~1/Temp/RarSFX0\PluginLoader\catchcopy-v0002\catchcopy32.dll
- %TEMP%\RarSFX0\Themes\Oxygen\interface.dll
- %TEMP%\RarSFX0\Themes\Oxygen\informations.xml
- %TEMP%\RarSFX0\Themes\Clean\Languages\zh\translation.qm
- %TEMP%\RarSFX0\Themes\Oxygen\Languages\ar\translation.qm
- %TEMP%\RarSFX0\Themes\Oxygen\Languages\en\translation.qm
- %TEMP%\RarSFX0\Themes\Oxygen\Languages\el\translation.qm
- %TEMP%\RarSFX0\Themes\Oxygen\Languages\de\translation.qm
- %TEMP%\RarSFX0\Themes\Clean\Languages\tr\translation.qm
- %TEMP%\RarSFX0\Themes\Clean\Languages\nl\translation.qm
- %TEMP%\RarSFX0\Themes\Clean\Languages\ko\translation.qm
- %TEMP%\RarSFX0\Themes\Clean\Languages\ja\translation.qm
- %TEMP%\RarSFX0\Themes\Clean\Languages\no\translation.qm
- %TEMP%\RarSFX0\Themes\Clean\Languages\th\translation.qm
- %TEMP%\RarSFX0\Themes\Clean\Languages\ru\translation.qm
- %TEMP%\RarSFX0\Themes\Clean\Languages\pl\translation.qm
- %TEMP%\RarSFX0\Themes\Oxygen\Languages\es\translation.qm
- %TEMP%\RarSFX0\Themes\Oxygen\Languages\pt\translation.qm
- %TEMP%\RarSFX0\Themes\Oxygen\Languages\pl\translation.qm
- %TEMP%\RarSFX0\Themes\Oxygen\Languages\no\translation.qm
- %TEMP%\RarSFX0\Themes\Oxygen\Languages\ru\translation.qm
- %TEMP%\RarSFX0\Themes\Oxygen\Languages\zh\translation.qm
- %TEMP%\RarSFX0\Themes\Oxygen\Languages\tr\translation.qm
- %TEMP%\RarSFX0\Themes\Oxygen\Languages\th\translation.qm
- %TEMP%\RarSFX0\Themes\Oxygen\Languages\nl\translation.qm
- %TEMP%\RarSFX0\Themes\Oxygen\Languages\hu\translation.qm
- %TEMP%\RarSFX0\Themes\Oxygen\Languages\hi\translation.qm
- %TEMP%\RarSFX0\Themes\Oxygen\Languages\fr\translation.qm
- %TEMP%\RarSFX0\Themes\Oxygen\Languages\id\translation.qm
- %TEMP%\RarSFX0\Themes\Oxygen\Languages\ko\translation.qm
- %TEMP%\RarSFX0\Themes\Oxygen\Languages\ja\translation.qm
- %TEMP%\RarSFX0\Themes\Oxygen\Languages\it\translation.qm
- %TEMP%\RarSFX0\Themes\Clean\Languages\it\translation.qm
- %TEMP%\RarSFX0\PluginLoader\catchcopy-v0002\Languages\pl\translation.qm
- %TEMP%\RarSFX0\PluginLoader\catchcopy-v0002\Languages\no\translation.qm
- %TEMP%\RarSFX0\PluginLoader\catchcopy-v0002\Languages\nl\translation.qm
- %TEMP%\RarSFX0\PluginLoader\catchcopy-v0002\Languages\pt\translation.qm
- %TEMP%\RarSFX0\PluginLoader\catchcopy-v0002\Languages\tr\translation.qm
- %TEMP%\RarSFX0\PluginLoader\catchcopy-v0002\Languages\th\translation.qm
- %TEMP%\RarSFX0\PluginLoader\catchcopy-v0002\Languages\ru\translation.qm
- %TEMP%\RarSFX0\PluginLoader\catchcopy-v0002\Languages\ko\translation.qm
- %TEMP%\RarSFX0\PluginLoader\catchcopy-v0002\Languages\hi\translation.qm
- %TEMP%\RarSFX0\PluginLoader\catchcopy-v0002\Languages\fr\translation.qm
- %TEMP%\RarSFX0\PluginLoader\catchcopy-v0002\Languages\es\translation.qm
- %TEMP%\RarSFX0\PluginLoader\catchcopy-v0002\Languages\hu\translation.qm
- %TEMP%\RarSFX0\PluginLoader\catchcopy-v0002\Languages\ja\translation.qm
- %TEMP%\RarSFX0\PluginLoader\catchcopy-v0002\Languages\it\translation.qm
- %TEMP%\RarSFX0\PluginLoader\catchcopy-v0002\Languages\id\translation.qm
- %TEMP%\RarSFX0\PluginLoader\catchcopy-v0002\Languages\zh\translation.qm
- %TEMP%\RarSFX0\Themes\Clean\Languages\es\translation.qm
- %TEMP%\RarSFX0\Themes\Clean\Languages\en\translation.qm
- %TEMP%\RarSFX0\Themes\Clean\Languages\el\translation.qm
- %TEMP%\RarSFX0\Themes\Clean\Languages\fr\translation.qm
- %TEMP%\RarSFX0\Themes\Clean\Languages\id\translation.qm
- %TEMP%\RarSFX0\Themes\Clean\Languages\hu\translation.qm
- %TEMP%\RarSFX0\Themes\Clean\Languages\hi\translation.qm
- %TEMP%\RarSFX0\Themes\Clean\Languages\de\translation.qm
- %TEMP%\RarSFX0\SessionLoader\Windows\informations.xml
- %TEMP%\RarSFX0\qt-plugins\platforms\qwindows.dll
- %TEMP%\RarSFX0\PluginLoader\catchcopy-v0002\pluginLoader.dll
- %TEMP%\RarSFX0\SessionLoader\Windows\sessionLoader.dll
- %TEMP%\RarSFX0\Themes\Clean\Languages\ar\translation.qm
- %TEMP%\RarSFX0\Themes\Clean\interface.dll
- %TEMP%\RarSFX0\Themes\Clean\informations.xml
- %TEMP%\RarSFX0\Themes\Supercopier\informations.xml
- %TEMP%\RarSFX0\Themes\Windows\informations.xml
- %TEMP%\RarSFX0\Themes\Teracopy\Languages\zh\translation.qm
- %TEMP%\RarSFX0\Themes\Teracopy\Languages\tr\translation.qm
- %TEMP%\RarSFX0\Themes\Windows\interface.dll
- %TEMP%\RarSFX0\Themes\Windows\Languages\el\translation.qm
- %TEMP%\RarSFX0\Themes\Windows\Languages\de\translation.qm
- %TEMP%\RarSFX0\Themes\Windows\Languages\ar\translation.qm
- %TEMP%\RarSFX0\Themes\Teracopy\Languages\th\translation.qm
- %TEMP%\RarSFX0\Themes\Teracopy\Languages\ko\translation.qm
- %TEMP%\RarSFX0\Themes\Teracopy\Languages\ja\translation.qm
- %TEMP%\RarSFX0\Themes\Teracopy\Languages\it\translation.qm
- %TEMP%\RarSFX0\Themes\Teracopy\Languages\nl\translation.qm
- %TEMP%\RarSFX0\Themes\Teracopy\Languages\ru\translation.qm
- %TEMP%\RarSFX0\Themes\Teracopy\Languages\pl\translation.qm
- %TEMP%\RarSFX0\Themes\Teracopy\Languages\no\translation.qm
- %TEMP%\RarSFX0\Themes\Windows\Languages\en\translation.qm
- %TEMP%\RarSFX0\Themes\Windows\Languages\pl\translation.qm
- %TEMP%\RarSFX0\Themes\Windows\Languages\no\translation.qm
- %TEMP%\RarSFX0\Themes\Windows\Languages\nl\translation.qm
- %TEMP%\RarSFX0\Themes\Windows\Languages\ru\translation.qm
- %TEMP%\RarSFX0\Themes\Windows\Languages\zh\translation.qm
- %TEMP%\RarSFX0\Themes\Windows\Languages\tr\translation.qm
- %TEMP%\RarSFX0\Themes\Windows\Languages\th\translation.qm
- %TEMP%\RarSFX0\Themes\Windows\Languages\ko\translation.qm
- %TEMP%\RarSFX0\Themes\Windows\Languages\hi\translation.qm
- %TEMP%\RarSFX0\Themes\Windows\Languages\fr\translation.qm
- %TEMP%\RarSFX0\Themes\Windows\Languages\es\translation.qm
- %TEMP%\RarSFX0\Themes\Windows\Languages\hu\translation.qm
- %TEMP%\RarSFX0\Themes\Windows\Languages\ja\translation.qm
- %TEMP%\RarSFX0\Themes\Windows\Languages\it\translation.qm
- %TEMP%\RarSFX0\Themes\Windows\Languages\id\translation.qm
- %TEMP%\RarSFX0\Themes\Teracopy\Languages\id\translation.qm
- %TEMP%\RarSFX0\Themes\Supercopier\Languages\it\translation.qm
- %TEMP%\RarSFX0\Themes\Supercopier\Languages\id\translation.qm
- %TEMP%\RarSFX0\Themes\Supercopier\Languages\hu\translation.qm
- %TEMP%\RarSFX0\Themes\Supercopier\Languages\ja\translation.qm
- %TEMP%\RarSFX0\Themes\Supercopier\Languages\no\translation.qm
- %TEMP%\RarSFX0\Themes\Supercopier\Languages\nl\translation.qm
- %TEMP%\RarSFX0\Themes\Supercopier\Languages\ko\translation.qm
- %TEMP%\RarSFX0\Themes\Supercopier\Languages\hi\translation.qm
- %TEMP%\RarSFX0\Themes\Supercopier\Languages\de\translation.qm
- %TEMP%\RarSFX0\Themes\Supercopier\Languages\ar\translation.qm
- %TEMP%\RarSFX0\Themes\Supercopier\interface.dll
- %TEMP%\RarSFX0\Themes\Supercopier\Languages\el\translation.qm
- %TEMP%\RarSFX0\Themes\Supercopier\Languages\fr\translation.qm
- %TEMP%\RarSFX0\Themes\Supercopier\Languages\es\translation.qm
- %TEMP%\RarSFX0\Themes\Supercopier\Languages\en\translation.qm
- %TEMP%\RarSFX0\Themes\Supercopier\Languages\pl\translation.qm
- %TEMP%\RarSFX0\Themes\Teracopy\Languages\en\translation.qm
- %TEMP%\RarSFX0\Themes\Teracopy\Languages\el\translation.qm
- %TEMP%\RarSFX0\Themes\Teracopy\Languages\de\translation.qm
- %TEMP%\RarSFX0\Themes\Teracopy\Languages\es\translation.qm
- %TEMP%\RarSFX0\Themes\Teracopy\Languages\hu\translation.qm
- %TEMP%\RarSFX0\Themes\Teracopy\Languages\hi\translation.qm
- %TEMP%\RarSFX0\Themes\Teracopy\Languages\fr\translation.qm
- %TEMP%\RarSFX0\Themes\Teracopy\Languages\ar\translation.qm
- %TEMP%\RarSFX0\Themes\Supercopier\Languages\th\translation.qm
- %TEMP%\RarSFX0\Themes\Supercopier\Languages\ru\translation.qm
- %TEMP%\RarSFX0\Themes\Supercopier\Languages\pt\translation.qm
- %TEMP%\RarSFX0\Themes\Supercopier\Languages\tr\translation.qm
- %TEMP%\RarSFX0\Themes\Teracopy\interface.dll
- %TEMP%\RarSFX0\Themes\Teracopy\informations.xml
- %TEMP%\RarSFX0\Themes\Supercopier\Languages\zh\translation.qm
- %TEMP%\RarSFX0\PluginLoader\catchcopy-v0002\Languages\en\translation.qm
- %TEMP%\RarSFX0\Languages\el\flag.png
- %TEMP%\RarSFX0\Languages\de\translation.qm
- %TEMP%\RarSFX0\Languages\de\informations.xml
- %TEMP%\RarSFX0\Languages\el\informations.xml
- %TEMP%\RarSFX0\Languages\es\informations.xml
- %TEMP%\RarSFX0\Languages\es\flag.png
- %TEMP%\RarSFX0\Languages\el\translation.qm
- %TEMP%\RarSFX0\Languages\de\flag.png
- %TEMP%\RarSFX0\CopyEngine\Ultracopier\Languages\zh\translation.qm
- %TEMP%\RarSFX0\CopyEngine\Ultracopier\Languages\tr\translation.qm
- %TEMP%\RarSFX0\CopyEngine\Ultracopier\Languages\th\translation.qm
- %TEMP%\RarSFX0\Languages\ar\flag.png
- %TEMP%\RarSFX0\Languages\ar\translation.qm
- %TEMP%\RarSFX0\Languages\ar\qt.qm
- %TEMP%\RarSFX0\Languages\ar\informations.xml
- %TEMP%\RarSFX0\Languages\es\qt.qm
- %TEMP%\RarSFX0\Languages\hu\translation.qm
- %TEMP%\RarSFX0\Languages\hu\informations.xml
- %TEMP%\RarSFX0\Languages\hu\flag.png
- %TEMP%\RarSFX0\Languages\id\flag.png
- %TEMP%\RarSFX0\Languages\it\flag.png
- %TEMP%\RarSFX0\Languages\id\translation.qm
- %TEMP%\RarSFX0\Languages\id\informations.xml
- %TEMP%\RarSFX0\Languages\hi\translation.qm
- %TEMP%\RarSFX0\Languages\fr\informations.xml
- %TEMP%\RarSFX0\Languages\fr\flag.png
- %TEMP%\RarSFX0\Languages\es\translation.qm
- %TEMP%\RarSFX0\Languages\fr\qt.qm
- %TEMP%\RarSFX0\Languages\hi\informations.xml
- %TEMP%\RarSFX0\Languages\hi\flag.png
- %TEMP%\RarSFX0\Languages\fr\translation.qm
- %TEMP%\RarSFX0\CopyEngine\Ultracopier\Languages\ru\translation.qm
- %TEMP%\RarSFX0\Qt5Xml.dll
- %TEMP%\RarSFX0\Qt5Widgets.dll
- %TEMP%\RarSFX0\Qt5SystemInfo.dll
- %TEMP%\RarSFX0\README.txt
- %TEMP%\RarSFX0\CopyEngine\Ultracopier\informations.xml
- %TEMP%\RarSFX0\CopyEngine\Ultracopier\copyEngine.dll
- %TEMP%\RarSFX0\ultracopier.exe
- %TEMP%\RarSFX0\Qt5Network.dll
- %TEMP%\RarSFX0\libgcc_s_sjlj-1.dll
- %TEMP%\RarSFX0\COPYING.txt
- %TEMP%\RarSFX0\Read Me.url
- %TEMP%\RarSFX0\libstdc++-6.dll
- %TEMP%\RarSFX0\Qt5Gui.dll
- %TEMP%\RarSFX0\Qt5Core.dll
- %TEMP%\RarSFX0\libwinpthread-1.dll
- %TEMP%\RarSFX0\CopyEngine\Ultracopier\Languages\ar\translation.qm
- %TEMP%\RarSFX0\CopyEngine\Ultracopier\Languages\ko\translation.qm
- %TEMP%\RarSFX0\CopyEngine\Ultracopier\Languages\ja\translation.qm
- %TEMP%\RarSFX0\CopyEngine\Ultracopier\Languages\it\translation.qm
- %TEMP%\RarSFX0\CopyEngine\Ultracopier\Languages\nl\translation.qm
- %TEMP%\RarSFX0\CopyEngine\Ultracopier\Languages\pt\translation.qm
- %TEMP%\RarSFX0\CopyEngine\Ultracopier\Languages\pl\translation.qm
- %TEMP%\RarSFX0\CopyEngine\Ultracopier\Languages\no\translation.qm
- %TEMP%\RarSFX0\CopyEngine\Ultracopier\Languages\id\translation.qm
- %TEMP%\RarSFX0\CopyEngine\Ultracopier\Languages\en\translation.qm
- %TEMP%\RarSFX0\CopyEngine\Ultracopier\Languages\el\translation.qm
- %TEMP%\RarSFX0\CopyEngine\Ultracopier\Languages\de\translation.qm
- %TEMP%\RarSFX0\CopyEngine\Ultracopier\Languages\es\translation.qm
- %TEMP%\RarSFX0\CopyEngine\Ultracopier\Languages\hu\translation.qm
- %TEMP%\RarSFX0\CopyEngine\Ultracopier\Languages\hi\translation.qm
- %TEMP%\RarSFX0\CopyEngine\Ultracopier\Languages\fr\translation.qm
- %TEMP%\RarSFX0\Languages\it\informations.xml
- %TEMP%\RarSFX0\miner\libblkmaker_jansson-0.1-0.dll
- %TEMP%\RarSFX0\miner\libblkmaker-0.1-0.dll
- %TEMP%\RarSFX0\miner\diakgcn121016.cl
- %TEMP%\RarSFX0\miner\libcurl-4.dll
- %TEMP%\RarSFX0\miner\libjansson-4.dll
- %TEMP%\RarSFX0\miner\libhidapi-0.dll
- %TEMP%\RarSFX0\miner\libevent-2-0-5.dll
- %TEMP%\RarSFX0\miner\diablo130302.cl
- %TEMP%\RarSFX0\Languages\zh\informations.xml
- %TEMP%\RarSFX0\Languages\zh\flag.png
- %TEMP%\RarSFX0\Languages\tr\translation.qm
- %TEMP%\RarSFX0\Languages\zh\translation.qm
- %TEMP%\RarSFX0\miner\backtrace.dll
- %TEMP%\RarSFX0\Listener\catchcopy-v0002\listener.dll
- %TEMP%\RarSFX0\Listener\catchcopy-v0002\informations.xml
- %TEMP%\RarSFX0\miner\libmicrohttpd-10.dll
- %TEMP%\RarSFX0\PluginLoader\catchcopy-v0002\catchcopy64.dll
- %TEMP%\RarSFX0\PluginLoader\catchcopy-v0002\catchcopy32.dll
- %TEMP%\RarSFX0\miner\zlib1.dll
- %TEMP%\RarSFX0\PluginLoader\catchcopy-v0002\informations.xml
- %TEMP%\RarSFX0\PluginLoader\catchcopy-v0002\Languages\el\translation.qm
- %TEMP%\RarSFX0\PluginLoader\catchcopy-v0002\Languages\de\translation.qm
- %TEMP%\RarSFX0\PluginLoader\catchcopy-v0002\Languages\ar\translation.qm
- %TEMP%\RarSFX0\miner\scrypt130511.cl
- %TEMP%\RarSFX0\miner\miner.exe
- %TEMP%\RarSFX0\miner\libusb-1.0.dll
- %TEMP%\RarSFX0\miner\libplibc-1.dll
- %TEMP%\RarSFX0\miner\pdcurses.dll
- %TEMP%\RarSFX0\miner\pthreadGC2.dll
- %TEMP%\RarSFX0\miner\poclbm130302.cl
- %TEMP%\RarSFX0\miner\phatk121016.cl
- %TEMP%\RarSFX0\Languages\tr\informations.xml
- %TEMP%\RarSFX0\Languages\nl\informations.xml
- %TEMP%\RarSFX0\Languages\nl\flag.png
- %TEMP%\RarSFX0\Languages\ko\translation.qm
- %TEMP%\RarSFX0\Languages\nl\translation.qm
- %TEMP%\RarSFX0\Languages\no\translation.qm
- %TEMP%\RarSFX0\Languages\no\informations.xml
- %TEMP%\RarSFX0\Languages\no\flag.png
- %TEMP%\RarSFX0\Languages\ko\qt.qm
- %TEMP%\RarSFX0\Languages\ja\informations.xml
- %TEMP%\RarSFX0\Languages\ja\flag.png
- %TEMP%\RarSFX0\Languages\it\translation.qm
- %TEMP%\RarSFX0\Languages\ja\qt.qm
- %TEMP%\RarSFX0\Languages\ko\informations.xml
- %TEMP%\RarSFX0\Languages\ko\flag.png
- %TEMP%\RarSFX0\Languages\ja\translation.qm
- %TEMP%\RarSFX0\Languages\pl\flag.png
- %TEMP%\RarSFX0\Languages\ru\translation.qm
- %TEMP%\RarSFX0\Languages\ru\qt.qm
- %TEMP%\RarSFX0\Languages\ru\informations.xml
- %TEMP%\RarSFX0\Languages\th\flag.png
- %TEMP%\RarSFX0\Languages\tr\flag.png
- %TEMP%\RarSFX0\Languages\th\translation.qm
- %TEMP%\RarSFX0\Languages\th\informations.xml
- %TEMP%\RarSFX0\Languages\ru\flag.png
- %TEMP%\RarSFX0\Languages\pl\translation.qm
- %TEMP%\RarSFX0\Languages\pl\qt.qm
- %TEMP%\RarSFX0\Languages\pl\informations.xml
- %TEMP%\RarSFX0\Languages\pt\flag.png
- %TEMP%\RarSFX0\Languages\pt\translation.qm
- %TEMP%\RarSFX0\Languages\pt\qt.qm
- %TEMP%\RarSFX0\Languages\pt\informations.xml
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'