Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'explorer' = '%WINDIR%\temp\explorer.exe-hide'
- %WINDIR%\temp\explorer.exe
- %WINDIR%\results.txt
- %HOMEPATH%\documents\kazaa\shared\vac2 proof - undetected css hack v2.1.exe
- %HOMEPATH%\documents\imesh\shared\vac2 proof - undetected css hack v2.1.exe
- %HOMEPATH%\documents\frostbite\shared\vac2 proof - undetected css hack v2.1.exe
- %HOMEPATH%\documents\limewire\shared\vac2 proof - undetected css hack v2.1.exe
- %HOMEPATH%\documents\frostwire\shared\vac2 proof - undetected css hack v2.1.exe
- %HOMEPATH%\documents\shareaza\shared\vac2 proof - undetected css hack v2.1.exe
- %HOMEPATH%\documents\morpheus\shared\vac2 proof - undetected css hack v2.1.exe
- DNS ASK pi####e-myspace.com