Техническая информация
- '%HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\wscntly[1].exe'
- '%HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\wscntly[1].exe' (загружен из сети Интернет)
- '<SYSTEM32>\mshta.exe'
- 'bi#.###nfocenter.com':80
- 'localhost':1036
- http://bi#.###nfocenter.com/wscntly.exe
- DNS ASK bi#.###nfocenter.com
- ClassName: 'Shell_TrayWnd' WindowName: ''