Technical Information
- <SYSTEM32>\net.exe stop sharedaccess
- <SYSTEM32>\regsvr32.exe /s MSINET.OCX
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\p[1].php
- <SYSTEM32>\hell.log
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\freg[1].txt
- <SYSTEM32>\MSINET.OCX
- 'he##.###e-web-hosting.biz':80
- 'ft#.#ost.com':21
- 'localhost':1035
- 'he##.by.ru':80
- he##.###e-web-hosting.biz/l/p.php?h=##################################
- he##.by.ru/freg.txt
- DNS ASK he##.###e-web-hosting.biz
- DNS ASK ft#.#ost.com
- DNS ASK he##.by.ru
- '<Private IP address>':1036
- ClassName: 'Shell_TrayWnd' WindowName: ''