Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Microsoft System Manager' = '%WINDIR%\svchost.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Microsoft System Manager' = '<Full path to file>'
- %WINDIR%\svchost.exe
- http://fr##.#host05.com/SashochekVB/files.asp?fi######
- http://fr##.#host05.com/SashochekVB/files.asp?fi#################################################################################################################################################...
- http://ww#.#host05.com/?su#######################################
- http://im#.##doparking.com/js/jquery-1.11.3.custom.min.js
- http://www.google.com/adsense/domains/caf.js
- DNS ASK fr##.#host05.com
- DNS ASK ww#.#host05.com
- DNS ASK im#.##doparking.com
- DNS ASK google.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '%WINDIR%\svchost.exe' <Full path to file>