Техническая информация
- %WINDIR%\Tasks\balada.job
- %HOMEPATH%\Start Menu\Programs\Startup\winupdate.exe
- '<SYSTEM32>\schtasks.exe' /create /tn balada /tr c:\autoexec.bat /sc onstart /ru system
- %PROGRAM_FILES%\winupdate.exe
- C:\autoexec.bat
- 'www.ta####01.kit.net':80
- 'www.ta####02.kit.net':80
- 'www.pa###.kit.net':80
- 'www.go###e.com.br':80
- 'lo###.##nho.googlepages.com':80
- www.ta####01.kit.net/config.pps
- www.ta####02.kit.net/config.pps
- www.pa###.kit.net/config.pps
- www.go###e.com.br/
- lo###.##nho.googlepages.com/config.pps
- DNS ASK www.ta####03.kit.net
- DNS ASK www.ta####02.kit.net
- DNS ASK www.ta####05.kit.net
- DNS ASK www.ta####04.kit.net
- DNS ASK lo###.##nho.googlepages.com
- DNS ASK www.go###e.com.br
- DNS ASK www.ta####01.kit.net
- DNS ASK www.pa###.kit.net
- ClassName: '(null)' WindowName: 'PRINCsys'