Техническая информация
Командные строки процессов:
- '%TEMP%\castra.exe'
- '%TEMP%\castra.sfx.exe' -pmerde -d%HOMEPATH%\Local Settings\Temp
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\en.bat" "
Разделы реестра:
- [<HKCU>\Software\Paltalk]
- [<HKCU>\Software\Yahoo\pager]
Файлы:
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\index[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\index[1].php
- %TEMP%\castra.exe
- %TEMP%\en.bat
- %TEMP%\castra.sfx.exe
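Сетевые адреса (символы «#», по-видимому, заменяют скрытую в отчёте часть имени узла и строки запроса, поэтому буквальное сопоставление этих значений невозможно):
- 'go####h.host22.com':80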
- 'localhost':1035
- go####h.host22.com/index.php?ac#####################################################################################################
- go####h.host22.com/index.php?ac##############################################
- DNS ASK go####h.host22.com
Окна (класс и заголовок):
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'