Техническая информация
- '%PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE' http://bb##b.ru/cli/BG.php?MC######### / 1:35:51 AM&INS=SEM PLUGINS
- '<SYSTEM32>\regsvr32.exe' /s %WINDIR%\GbrL.dll
- '<SYSTEM32>\wscript.exe' /B %TEMP%\RaL.vbe
- %HOMEPATH%\ReLx0517
- %WINDIR%\GbrL.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\BG[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\MIRL[1]
- %TEMP%\RaL.vbe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\DINOL[1]
- %TEMP%\DarL.sys
- %TEMP%\RaL.vbe
- %TEMP%\DarL.sys
- из %HOMEPATH%\ReLx0517 в %HOMEPATH%\ReLx0517.exe
- 'localhost':1039
- 'bb##b.ru':80
- 'localhost':1036
- 'ma###2.com.ar':80
- bb##b.ru/cli/BG.php?MC##############################################
- ma###2.com.ar/img/icons/tabs/MIRL
- ma###2.com.ar/img/icons/tabs/DINOL
- DNS ASK bb##b.ru
- DNS ASK ma###2.com.ar
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'MS_WINHELP' WindowName: '(null)'
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'