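Technical Information
Note: the entries below read as behavioural indicators from an analysis report: executables, file-system paths, network activity, then window classes. The sub-headings that grouped them are missing from this copy. Several paths appear twice, so the list alone does not show which action (for example, creation versus deletion) each occurrence records.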
- '<SYSTEM32>\rundll32.exe'
- <SYSTEM32>\cscript.exe
- %APPDATA%\73gm
- %ALLUSERSPROFILE%\xx26n
- %TEMP%\8kot7
- %ALLUSERSPROFILE%\z52wc63
- %TEMP%\oca.hfe
- %ALLUSERSPROFILE%\xis\easll.emi
- %TEMP%\2.tmp
- %TEMP%\1.tmp
- %APPDATA%\73gm
- %ALLUSERSPROFILE%\z52wc63
- %TEMP%\8kot7
- %TEMP%\1.tmp
- %TEMP%\2.tmp
- %ALLUSERSPROFILE%\xx26n
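- 'tf###avds.in':80 (the "###" appears to be redaction applied before publication; the full domain is not given on this page, so the entry cannot be used as an exact-match indicator)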
- http://tf###avds.in/tmv1odyb9n/index.php
- DNS ASK tf###avds.in
- DNS ASK microsoft.com (a legitimate domain; a lookup of it is not an indicator on its own and should not be blocklisted)
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
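- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd is the standard Windows taskbar window class, so its presence on a host is normal; only a process looking it up is noteworthy)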