Technical Information
- %HOMEPATH%\Start Menu\Programs\Startup\Java_update.exe
- '%APPDATA%\svchost.exe'
- '%TEMP%\RarSFX0\stubz.exe'
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch.new
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch.new
- %APPDATA%\svchost.exe
- %TEMP%\RarSFX0\Hacker-Facebook By Anonymous.exe
- %TEMP%\RarSFX0\stubz.exe
- from %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch.new to %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch
- from %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch.new to %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch
- 'as####0.linkpc.net':5555
- DNS ASK as####0.linkpc.net
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''