Technical Information
- [<HKCU>\software\microsoft\windows\currentversion\run] 'MicrosoftComp' = '<Full path to file>'
- [<HKCU>\software\microsoft\windows\currentversion\run] 'MicrosoftComp' = '%APPDATA%\Microsoft\svchost.exe'
- %APPDATA%\microsoft\svchost.exe
- %TEMP%\melt.txt
- http://te####e.comli.com/
- http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/02FAF3E291435468607857694DF5E45B68851868.crt
- DNS ASK to##ev.com
- DNS ASK te####e.comli.com
- DNS ASK 00###bhost.com
- DNS ASK fo###.#oogleapis.com
- DNS ASK os#.#axcdn.com
- DNS ASK google.com
- DNS ASK go#####analytics.com
- DNS ASK go#####agmanager.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '%APPDATA%\microsoft\svchost.exe'