Technical Information
- [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] 'D2' = '%WINDIR%\D2.exe' (autorun entry in the 32-bit view of the machine-wide Run key: D2.exe starts at every user logon)
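- [HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '2500' = '00000003' (URL action 2500 is Internet Explorer Protected Mode; the value 3 disables it for the Internet zone, Zone 3)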
- %WINDIR%\d2.exe
- %WINDIR%\d3.exe
- %WINDIR%\d4cef.exe
- %WINDIR%\d4fis.exe
- %WINDIR%\d4ger.exe
- %WINDIR%\libeay32.dll
- %WINDIR%\ssleay32.dll
- %WINDIR%\solutionge.dll
- %WINDIR%\solutionhs.dll
- %WINDIR%\install.exe
- %WINDIR%\02.txt
- 'ba#####r.googlecode.com':443
- 'ba#####r.googlecode.com':443
- DNS ASK ba#####r.googlecode.com
- ClassName: 'EDIT' WindowName: ''
- ClassName: 'MS_WINHELP' WindowName: ''
- '%WINDIR%\install.exe'
- '%WINDIR%\syswow64\regsvr32.exe' /s %WINDIR%\solutionge.dll' (with hidden window)
- '%WINDIR%\syswow64\regsvr32.exe' /s %WINDIR%\solutionhs.dll' (with hidden window)
- '%WINDIR%\syswow64\regsvr32.exe' /s %WINDIR%\solutionge.dll
- '%WINDIR%\syswow64\regsvr32.exe' /s %WINDIR%\solutionhs.dll