Техническая информация
- '<SYSTEM32>\reg.exe' add
- '<SYSTEM32>\net.exe' user Yougetdestoryed /ADD
- '<SYSTEM32>\net1.exe' user Yougetdestoryed /ADD
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' -nohome
- '%TEMP%\notepad.exe'
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\1.tmp\crunch.bat""
- '<SYSTEM32>\msg.exe' * troll
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\KHMHGZ4F\lemonparty[1]
- <SYSTEM32>\ls.bat
- %TEMP%\1.tmp\crunch.bat
- %TEMP%\notepad.exe
- %TEMP%\AfDVi
- 'localhost':1043
- 'www.le###party.org':80
- 'wp#d':80
- 'www.le####dsgame.com':443
- http://www.le###party.org/
- http://11#.#11.111.1/wpad.dat via wp#d
- DNS ASK www.le###party.org
- DNS ASK www.le####dsgame.com
- DNS ASK wp#d
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''