Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'TS' = '%HOMEPATH%\ts.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'TV' = '%HOMEPATH%\tv.exe'
- <SYSTEM32>\logonui.exe /status /shutdown
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\libreria[1].k
- %HOMEPATH%\MSWINSCK.OCX
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\contar[1].php
- %HOMEPATH%\ts.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\programa1[1].k
- %HOMEPATH%\tv.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\programa2[1].k
- %HOMEPATH%\ts.exe
- %HOMEPATH%\tv.exe
- 'mu#####ucker.net23.net':80
- 'us#####s.multimania.es':80
- 'localhost':1035
- us#####s.multimania.es/muuthefucker/libreria.k
- mu#####ucker.net23.net/contar.php
- us#####s.multimania.es/muuthefucker/programa1.k
- us#####s.multimania.es/muuthefucker/programa2.k
- DNS ASK mu#####ucker.net23.net
- DNS ASK us#####s.multimania.es
- '<IP-адрес в локальной сети>':1036
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'StatusWindowClass' WindowName: ''
- ClassName: 'Indicator' WindowName: ''