Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'TaxiSystem.exe' = '<LS_APPDATA>\RedLabells\TaxiSystem.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'MSMSGS' = '"%PROGRAM_FILES%\Messenger\msmsgs.exe" /background'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Hotwells.exe' = ''
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'TaxiSystem.exe' = ''
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'InsertSound.exe' = ''
- [<HKCU>\Software\Microsoft\MessengerService]
- <LS_APPDATA>\RedLabells\TaxiSystem.exe
- <Текущая директория>\hookdll.dll
- 'www.va#####roventura.com.br':80
- 'www.pa######scronenbourg.net':80
- 'www.in####nights.net':80
- 'ic#######.sportinterface.net':80
- 'www.te###s-ing.com':80
- 'www.al###skanan.net':80
- www.va#####roventura.com.br/fotos/washb.php
- www.pa######scronenbourg.net/images/thumbnails/washb.php
- www.in####nights.net/menu/washb.php
- ic#######.sportinterface.net/adonet.php
- www.te###s-ing.com/refrac_v1/images/adonet.php
- www.al###skanan.net/albums/adonet.php
- DNS ASK www.va#####roventura.com.br
- DNS ASK www.pa######scronenbourg.net
- DNS ASK www.in####nights.net
- DNS ASK www.al###skanan.net
- DNS ASK ic#######.sportinterface.net
- DNS ASK www.te###s-ing.com
- '<IP-адрес в локальной сети>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''