Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Microsoft Services' = '%PROGRAM_FILES%\Microsoft Services\MSservice.exe'
- %PROGRAM_FILES%\Microsoft Services\MSservice.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\num_users[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\index[1].php
- %TEMP%\aut1.tmp
- %PROGRAM_FILES%\Microsoft Services\MSservice.exe
- %PROGRAM_FILES%\Microsoft Services\MSservice.exe
- %TEMP%\aut1.tmp
- 're###32.99k.org':80
- 'localhost':1036
- 'www.ka######alis-leporte.com':80
- re###32.99k.org/index.php?pa###############################################################################################################
- www.ka######alis-leporte.com/services/retRo/num_users.php
- DNS ASK re###32.99k.org
- DNS ASK www.google.com
- DNS ASK www.ka######alis-leporte.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''