Technical Information
- %WINDIR%\Config\svchost.exe
- <SYSTEM32>\net1.exe stop spooler
- <SYSTEM32>\attrib.exe +H +S %WINDIR%\CONFIG\spoolsv.exe
- <SYSTEM32>\net.exe stop spooler
- %WINDIR%\Config\spoolsv.exe
- %WINDIR%\Config\PoliceSetup.ini
- %WINDIR%\Config\MSWINSCK.OCX
- %WINDIR%\Config\Pop.txt
- %WINDIR%\Config\Winamp.exe
- %WINDIR%\Config\svchost.exe
- %WINDIR%\Config\iPushConfig.ini
- %TEMP%\~vis0000\miscdata.xyz
- %TEMP%\~vis0000\English.vlg
- %TEMP%\~vis0000\vise32ex.dll
- %WINDIR%\Config\GFastdownActiveXTrial.ocx
- %TEMP%\~vis0000\default.bmp
- %TEMP%\~vis0000\rebootnt.exe
- %WINDIR%\Config\Winamp.exe
- %WINDIR%\Config\spoolsv.exe
- %WINDIR%\Config\iPushConfig.ini
- %TEMP%\~vis0000\rebootnt.exe
- %TEMP%\~vis0000\vise32ex.dll
- %WINDIR%\Config\Pop.txt.prg
- %TEMP%\~vis0000\miscdata.xyz
- %TEMP%\~vis0000\default.bmp
- %TEMP%\~vis0000\English.vlg
- 'pu##.##stylepush.com':80
- pu##.##stylepush.com/PushFile/Pop.txt
- DNS ASK pu##.##stylepush.com
- ClassName: 'Shell_TrayWnd' WindowName: ''