Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'opensearchttos' = '"%APPDATA%\opensearchGT\opensearcht.exe" Runcmd'
- '%APPDATA%\opensearchGT\opensearcht.exe' Updatecmd
- %APPDATA%\opensearchGT\opensearcht.exe
- %TEMP%\nse3.tmp\version.dll
- %TEMP%\nse3.tmp\DLLWebCount.dll
- %TEMP%\nsy2.tmp
- %TEMP%\nse3.tmp\KillProcDLL.dll
- %TEMP%\nse3.tmp\FindProcDLL.dll
- 'ul.##icsvc.com':80
- ul.##icsvc.com/ulsticsvc/update/ad/ult/inst.php
- ul.##icsvc.com/check/fcheck.php
- ul.##icsvc.com/ulsticsvc/update/ad/ult/sti.php
- ul.##icsvc.com/cnt/index.php?pi############
- DNS ASK ul.##icsvc.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: '(null)'