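Technical Information
(The entries below appear without their original category labels. The '#' characters in host names and URL parameters appear to be masking applied by the publisher, so these values cannot be used as exact-match indicators.)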
- %HOMEPATH%\Start Menu\Programs\Startup\ShareIt Service.exe (located in the user's Startup folder, whose contents Windows launches at logon)
- '%TEMP%\WER9mso.dir00\com3.exe'
- '%APPDATA%\Microsoft\Search\SearchHelper.exe'
- %TEMP%\WER9mso.dir00\com3.exe
- %APPDATA%\Microsoft\Search\SearchHelper.exe
- %APPDATA%\Microsoft\persist.dat
- 'ba#####upport.esy.es':80
- 'ba#####upport.comxa.com':80
- 'su#####backup.esy.es':80
- 'su######ervice.netai.net':80
- http://ba#####upport.esy.es/z/c13.php?m=############
- http://ba#####upport.comxa.com/z/c13.php?m=############
- http://su#####backup.esy.es/c/c13.php?m=############
- http://su######ervice.netai.net/c/c13.php?m=############
- DNS ASK ba#####upport.esy.es
- DNS ASK ba#####upport.comxa.com
- DNS ASK su#####backup.esy.es
- DNS ASK su######ervice.netai.net
- ClassName: 'Shell_TrayWnd' WindowName: '' (Shell_TrayWnd is the window class of the Windows taskbar)