Technical Information
- <SYSTEM32>\tasks\gridinsoft anti-malware
- %PROGRAMDATA%\gridinsoft\anti-malware\logs\applog_
- %PROGRAMDATA%\gridinsoft\anti-malware\database\vs.c
- ClassName: 'msctls_updown32' WindowName: ''