Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'torrent_Runcher.exe boot' = '%PROGRAM_FILES%\Torrent DownLoader\torrent_Runcher.exe boot'
- <SYSTEM32>\schtasks.exe /create /sc onlogon /tn "Torrent Runcher" /tr "\"%PROGRAM_FILES%\Torrent DownLoader\torrent_Runcher.exe boot"\" /rl highest
- %PROGRAM_FILES%\Torrent DownLoader\torrent_Runcher.exe
- 'to####tbiz.co.kr':80
- to####tbiz.co.kr/mgr/ctrl/boot.php?pt#########
- to####tbiz.co.kr/mgr/ctrl/setup_update.php
- to####tbiz.co.kr/mgr/ctrl/banner_list.php
- to####tbiz.co.kr/torrent_biz.php
- DNS ASK to####tbiz.co.kr
- ClassName: 'Shell_TrayWnd' WindowName: ''