Technical Information
- '<SYSTEM32>\uyweghets.exe'
- '<SYSTEM32>\uyweghets.exe' (downloaded from the Internet)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\nmuwxtgn[1].exe
- <SYSTEM32>\uyweghets.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\homet[1].ini
- <SYSTEM32>\hyyt4d.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\nmuwxtgn[1].exe
- <SYSTEM32>\uyweghets.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\homet[1].ini
- <SYSTEM32>\hyyt4d.ini
- 'io###.#martwidget.net':80
- 'iz##py.net':80
- 'localhost':1036
- 'pp##.##artwidget.net':80
- pp##.##artwidget.net/inCheck/files/homet.php
- iz##py.net/protest/homet/chkdown.php?ch#######################################
- pp##.##artwidget.net/inCheck/files/homet.ini
- io###.#martwidget.net/skbc/nmuwxtgn.exe
- DNS ASK iz##py.net
- DNS ASK io###.#martwidget.net
- DNS ASK pp##.##artwidget.net