Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'system' = '<SYSTEM32>\svhost.exe'
- <Current directory>\paa.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\pa[1].tmp
- <SYSTEM32>\svhost.exe
- 'pa####2010.99k.org':80
- 'localhost':1035
- pa####2010.99k.org/pa.tmp
- DNS ASK pa####2010.99k.org
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'