Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System32' = '"%PROGRAM_FILES%\Dialer.pl\user32.exe" -user'
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\rank[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\top_licznik[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\sentinel[1].php3
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\tlojpg[1].gif
- %HOMEPATH%\Desktop\XDirect.exe
- %PROGRAM_FILES%\Dialer.pl\user32.exe
- %HOMEPATH%\Start Menu\XDirect.exe
- %PROGRAM_FILES%\Dialer.pl\index.htm
- %PROGRAM_FILES%\Dialer.pl\104781358172.jpg
- 'www.se##ista.pl':80
- 'www.se##tat.pl':80
- 'localhost':1037
- 'www.to##ex.pl':80
- www.se##ista.pl/graf/tlojpg.gif
- www.se##tat.pl/sentinel.php3?a=################################
- www.to##ex.pl/rank.php?id#####
- www.se##ista.pl/top_licznik.php?id####
- DNS ASK www.se##tat.pl
- DNS ASK www.se##ista.pl
- DNS ASK www.to##ex.pl
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''