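Technical Information
Note: the entries below mix registry, process, file, network and window artifacts; the sub-headings that would separate them appear to be missing from this copy, so the role of a repeated entry (for example a file listed twice) cannot be read from this list alone. <HKCU>, <SYSTEM32>, %TEMP% and %HOMEPATH% are path placeholders, and runs of '#' in host names and URLs are masking, not literal characters.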
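- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'DriverUpdate' = 'C:\DriverStores\DriverUdate.exe /600' (per-user Run key autorun entry; the value name 'DriverUpdate' and the file name 'DriverUdate.exe' are spelled differently as recorded, so match each string exactly as shown)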
- <SYSTEM32>\cmd.exe /c %TEMP%\~msyjpkt.bat
- <SYSTEM32>\cmd.exe /c %TEMP%\~ckhrqht.bat
- <SYSTEM32>\cmd.exe /c %TEMP%\~zlrazua.bat
- <SYSTEM32>\cmd.exe /c %TEMP%\~rwlbdba.bat
- <SYSTEM32>\cmd.exe /c %TEMP%\~wtliudz.bat
- <SYSTEM32>\cmd.exe /c %TEMP%\~wzzcgxg.bat
- <SYSTEM32>\cmd.exe /c %TEMP%\~tsgjcjb.bat
- <SYSTEM32>\cmd.exe /c %TEMP%\~ndytkgo.bat
- <SYSTEM32>\cmd.exe /c %TEMP%\~hclladi.bat
- <SYSTEM32>\cmd.exe /c %TEMP%\~khixsyu.bat
- <SYSTEM32>\cmd.exe /c %TEMP%\~mtauyju.bat
- <SYSTEM32>\cmd.exe /c %TEMP%\~dcatjpm.bat
- <SYSTEM32>\cmd.exe /c %TEMP%\~urmkfjv.bat
- <SYSTEM32>\cmd.exe /c %TEMP%\~hmcrfgg.bat
- <SYSTEM32>\cmd.exe /c %TEMP%\~trnarmq.bat
- <SYSTEM32>\cmd.exe /c %TEMP%\~zafckig.bat
- <SYSTEM32>\cmd.exe /c %TEMP%\~obwzayw.bat
- <SYSTEM32>\cmd.exe /c %TEMP%\~tipmgfl.bat
- <SYSTEM32>\cmd.exe /c %TEMP%\~zofubmr.bat
- <SYSTEM32>\cmd.exe /c %TEMP%\~humhvcz.bat
- <SYSTEM32>\cmd.exe /c %TEMP%\~fumwhxj.bat
- <SYSTEM32>\cmd.exe /c %TEMP%\~tsikfok.bat
- <SYSTEM32>\cmd.exe /c %TEMP%\~kxqpljk.bat
- <SYSTEM32>\cmd.exe /c %TEMP%\~xhywcmu.bat
- <SYSTEM32>\cmd.exe /c %TEMP%\~sdaatay.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\whatismyip[1].6476097263
- %TEMP%\~msyjpkt.bat
- %TEMP%\~wzzcgxg.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\checkip.dyndns[1].6554557094
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\checkip.dyndns[1].627615697
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\checkip.dyndns[1].0167327521
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\whatismyip[1].5061076672
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\whatismyip[1].9302628294
- %TEMP%\~ckhrqht.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\whatismyip[1].22496996075
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\checkip.dyndns[1].9821050195
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\whatismyip[1].3373768691
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\whatismyip[1].812205801
- %TEMP%\~urmkfjv.bat
- %TEMP%\~rwlbdba.bat
- %TEMP%\~wtliudz.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\checkip.dyndns[1].3206700133
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\checkip.dyndns[1].8621598084
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\whatismyip[1].00390515756
- %TEMP%\~zlrazua.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\checkip.dyndns[1].1211725618
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\whatismyip[1].2680180361
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\whatismyip[1].6490871664
- %TEMP%\~tsgjcjb.bat
- %TEMP%\~ndytkgo.bat
- %TEMP%\~hclladi.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\checkip.dyndns[1].71805162472
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\checkip.dyndns[1].8062540677
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\whatismyip[1].798268741
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\checkip.dyndns[1].4577760012
- %TEMP%\~khixsyu.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\checkip.dyndns[1].7399638512
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\checkip.dyndns[1].5876845799
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\whatismyip[1].184028541
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\whatismyip[1].630747196
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\whatismyip[1].3089522831
- %TEMP%\~dcatjpm.bat
- %TEMP%\~mtauyju.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\checkip.dyndns[1].7270290684
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\whatismyip[1].1949665484
- %TEMP%\~hmcrfgg.bat
- %TEMP%\~zofubmr.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\checkip.dyndns[1].15348419757
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\checkip.dyndns[1].9898543505
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\checkip.dyndns[1].4291425715
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\whatismyip[1].9079529473
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\whatismyip[1].72030882048
- %TEMP%\~trnarmq.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\whatismyip[1].1913041649
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\whatismyip[1].53857938736
- C:\DriverStores\DriverUdate.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\checkip.dyndns[1].7840531364
- %TEMP%\~ip.tmp
- %TEMP%\~obwzayw.bat
- %TEMP%\~tipmgfl.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\checkip.dyndns[1].3227062267
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\checkip.dyndns[1].594940576
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\whatismyip[1].9877892572
- %TEMP%\~zafckig.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\checkip.dyndns[1].3323468918
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\whatismyip[1].51793467626
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\whatismyip[1].59962927364
- %TEMP%\~humhvcz.bat
- %TEMP%\~fumwhxj.bat
- %TEMP%\~tsikfok.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\checkip.dyndns[1].4879640387
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\checkip.dyndns[1].4317169969
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\whatismyip[1].03390411008
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\checkip.dyndns[1].5244886372
- %TEMP%\~kxqpljk.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\checkip.dyndns[1].1157123591
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\checkip.dyndns[1].1475367753
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\whatismyip[1].5857356363
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\whatismyip[1].9908232626
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\whatismyip[1].4334282207
- %TEMP%\~sdaatay.bat
- %TEMP%\~xhywcmu.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\checkip.dyndns[1].4718131775
- C:\DriverStores\DriverUdate.exe
- %TEMP%\~ip.tmp
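- 'www.wh###smyip.com':80
- 'ch####p.dyndns.org':80 (these two host names, together with the cached 'whatismyip[1]' / 'checkip.dyndns[1]' files and '%TEMP%\~ip.tmp' listed above, suggest external-IP lookups; benign software contacts such services too, so the hosts are weak indicators on their own and are better correlated with the Run key value and the file paths)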
- ch####p.dyndns.org/?rn########################################
- www.wh###smyip.com/?rn########################################
- ch####p.dyndns.org/?rn#########################################
- www.wh###smyip.com/?rn#########################################
- DNS ASK (DNS query) www.wh###smyip.com
- DNS ASK (DNS query) ch####p.dyndns.org
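- ClassName: 'Indicator' WindowName: '' (window class 'Indicator' with an empty window title; this copy does not state whether the sample creates or searches for the window)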