Техническая информация
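Закрепление в системе (автозапуск): в параметр реестра 'Userinit' после штатного userinit.exe дописан ssvchost.exe, а файл с тем же именем размещён в общей папке автозагрузки. При проверке системы любые дополнительные записи в значении 'Userinit' следует считать подозрительными.
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Userinit' = 'userinit.exe,ssvchost.exe,%PROGRAM_FILES%\ssvchost.exe'
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\ssvchost.exe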
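Файлы в файловой системе (заголовки разделов в этом фрагменте утрачены, поэтому по нему нельзя определить, создаются эти файлы или удаляются). Подкаталоги Content.IE5 имеют случайные имена, поэтому при поиске следует опираться на имена файлов, а не на имя подкаталога.
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\config[1].txt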
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\config[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\image[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\image[1].jpg
- <SYSTEM32>\ssvchost.exe
- %PROGRAM_FILES%\ssvchost.exe
- <SYSTEM32>\tcpipmonit.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\config[1].txt
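Сетевые соединения в формате 'узел':порт (часть символов в именах узлов заменена на «#»; 'localhost':1038 — локальное соединение, а не внешний узел; порт 25 обычно соответствует SMTP):
- 'www.fi######dcupbrasil.com.br':80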
- 'di####nho.no-ip.org':80
- 'fi######dcupbrasil.com.br':80
- 'fi######dcupbrazil.com.br':80
- 'localhost':1038
- 'ma##.####worldcupbrazil.com.br':25
- 'h1.##pway.com':80
- 'co####le.no-ip.org':80
Запрашиваемые URL (узлы те же, что в списке соединений с портом 80):
- www.fi######dcupbrasil.com.br/image.jpg
- fi######dcupbrazil.com.br/image.jpg
- fi######dcupbrasil.com.br/bho.jpg
- co####le.no-ip.org/config.txt
- h1.##pway.com/dianzinho/config.txt
- di####nho.no-ip.org/config.txt
- DNS ASK h1.##pway.com
- DNS ASK di####nho.no-ip.org
- DNS ASK fi######dcupbrasil.com.br
- DNS ASK co####le.no-ip.org
- DNS ASK ma##.####worldcupbrazil.com.br
- DNS ASK www.fi######dcupbrasil.com.br
- DNS ASK fi######dcupbrazil.com.br
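Окно, к которому обращается образец (Shell_TrayWnd — класс окна панели задач Windows; вероятно, выполняется поиск этого окна):
- ClassName: 'Shell_TrayWnd' WindowName: ''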