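Technical Information
Note: the section headings of the original report are not preserved in this listing. The entries are host and network artifacts: registry autorun values, file paths, a network endpoint, a DNS query, and command lines. A path that appears more than once was presumably listed under more than one heading.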
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows Update' = '"%HOMEPATH%\TouchEnKey.exe" ..'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows Update' = '"%HOMEPATH%\TouchEnKey.exe" ..'
- %HOMEPATH%\Start Menu\Programs\Startup\Java update.exe
- %TEMP%\24471.dmp
- %HOMEPATH%\TouchEnKey.exe
- %TEMP%\dw.log
- %ALLUSERSPROFILE%\Application Data\svchost.exe
- %APPDATA%\Arum.exe
- %HOMEPATH%\TouchEnKey.exe
- 'ab#.uy.to':1111
- DNS query (ASK): ab#.uy.to
- '%HOMEPATH%\TouchEnKey.exe'
- '%ALLUSERSPROFILE%\Application Data\svchost.exe'
- '%CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE' -x -s 580