Техническая информация
- '%ALLUSERSPROFILE%\.exe'
- '%WINDIR%\sleep.exe' 1
- '<SYSTEM32>\attrib.exe' -H "%ALLUSERSPROFILE%\\.exe"
- '<SYSTEM32>\cmd.exe' /c "%ALLUSERSPROFILE%\\it.bat"
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\g[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\[1].txt
- %ALLUSERSPROFILE%\.exe
- %ALLUSERSPROFILE%\it.bat
- %ALLUSERSPROFILE%\.exe
- 'ga#####9.hostgator.com':80
- 'ga#####4.hostgator.com':80
- 'localhost':1037
- 'localhost':1038
- ga#####4.hostgator.com/~dragonzh/blkx/scu/.txt
- ga#####9.hostgator.com/~haitham/g.php
- DNS ASK ga#####4.hostgator.com
- DNS ASK ga#####9.hostgator.com
- ClassName: 'dffgeed' WindowName: '(null)'
- ClassName: 'cconvwndbase' WindowName: '(null)'
- ClassName: 'stetrs' WindowName: '(null)'
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'