Technical Information
- hidden files
- file extensions
- '%WINDIR%\server\services_running.sys.exe' (downloaded from the Internet)
- '%WINDIR%\server\services_running.sys.exe'
- %WINDIR%\server\services_running.sys.exe
- %WINDIR%\server\gstart.dll.exe
- 'se###r01i.com':80
- 'wp#d':80
- http://se###r01i.com/step_fix_up/server/services_running.sys.exe
- http://se###r01i.com/step_fix_up/server/gstart.dll.exe
- http://11#.#11.111.1/wpad.dat via wp#d
- DNS ASK se###r01i.com
- DNS ASK wp#d
- ClassName: 'Shell_TrayWnd' WindowName: ''