Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Win' = '"%APPDATA%\com\H.exe"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'upd' = '"%APPDATA%\U.exe"'
- %TEMP%\versao.tmp
- %TEMP%\versao.tmp
- 'us#####s.multimania.es':80
- '67.##5.160.76':80
- 'co######.webcindario.com':80
- http://us#####s.multimania.es/versao/versao.png
- http://co######.webcindario.com/acesso.php
- DNS ASK us#####s.multimania.es
- DNS ASK www.ya##o.com
- DNS ASK co######.webcindario.com
- ClassName: 'Indicator' WindowName: ''