Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\start1.exe
- '%TEMP%\x11811.exe' -a 60 -g yes -o http://x.####rs.in:8332/ -u redem_guild -p redemxxx3x2 -t 2
- '%TEMP%\hstart.exe' /NOCONSOLE x.bat
- '%HOMEPATH%\Start Menu\Programs\Startup\start1.exe'
- '<SYSTEM32>\taskkill.exe' /f /im mamita.exe
- '<SYSTEM32>\taskkill.exe' /f /im x11811.exe
- '<SYSTEM32>\cmd.exe' /c x.bat
- '<SYSTEM32>\taskkill.exe' /f /im svchoost.exe
- %TEMP%\x.bat
- %TEMP%\x11811.exe
- %TEMP%\hstart.exe
- 'x.##ners.in':8332
- DNS ASK x.##ners.in
- ClassName: '(null)' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'