Resolved : [mining.eligius.st] To [23.21.225.111]
Control Panel:
http://mining.eligius.st
New Opened files which were contained within Memory
File $Extend$ObjId
File Documents and SettingsAdministratorApplication Data
File Documents and SettingsAdministratorLocal SettingsApplication DataMicrosoftPortable Devices
File System Volume Information_restore{307E7B41-0455-430D-B7AD-0176BCF9FE0E}RP21change.log
File System Volume Informationtracking.log
File WINDOWSTempPerflib_Perfdata_57c.dat
File trkwks
Potentially Malicious Changes in NTUSER.DAT File
(This output only contains plain text entries, which were made to the Registry Hive.)
“adobeupdate”=””C:Documents and SettingsAdministratorApplication Data3 2l3.lnk””
“adobeupdater”=””C:Documents and SettingsAdministratorApplication Data3 2rundll32.exe””
“C:Documents and SettingsAdministratorApplication Data3 2bat.bat”=”bat”
“C:Documents and SettingsAdministratorApplication Data3 2j.exe”=”j”
“C:Documents and SettingsAdministratorApplication Data3 2svchost.exe”=”svchost”
“C:Documents and SettingsAdministratorApplication Data3 2rundll32.exe”=”rundll32”
[NTUSERSoftwareWinRAR SFX]
“C%%Documents and Settings%Administrator%Application Data”=”C:Documents and SettingsAdministratorApplication Data”
This is from I_Post_Your_Info:
eligius.st uses the bicon address as the pool username, so you can track the hashrate and transactions using the info from the config
http://eligius.st/~artefact2/7/1FweLVpvgdF84QrhVtAvUVkNM6A4qkNvhz
http://blockchain.info/address/1FweLVpvgdF84QrhVtAvUVkNM6A4qkNvhz
Live Recent Rounds:
http://eligius.st/~artefact2/
http://mining.eligius.st:8337 -u 1FweLVpvgdF84QrhVtAvUVkNM6A4qkNvhz -p x
ra.mining.eligius.st:8337
hosting infos:
http://whois.domaintools.com/23.21.225.111