Technical Information
- '' (downloaded from the Internet)
- <SYSTEM32>\svchost.exe
- <Current directory>\c.bat
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\KHMHGZ4F\images[1].php
- <Current directory>\chkdsk1.exe
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\U98D4X8H\images[1].php
- <Current directory>\chkdsk2.exe
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\2VAZY7AN\images[1].php
- <Current directory>\chkdsk3.exe
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\YPORKZYZ\images[1].php
- <Current directory>\chkdsk4.exe
- <Full path to file>
- <Current directory>\chkdsk1.exe
- 'localhost':1038
- 'ed##21.net':80
- http://www.ed##21.net/images/images.php?w=# via ed##21.net
- DNS ASK www.ed##21.net
- '<Current directory>\chkdsk1.exe'
- '<Current directory>\chkdsk2.exe'
- '<Current directory>\chkdsk3.exe'
- '<Current directory>\chkdsk4.exe'
- '<SYSTEM32>\cmd.exe' /c c.bat <Full path to file>
- '<SYSTEM32>\svchost.exe'