Техническая информация
- '<SYSTEM32>\wscript.exe' "%APPDATA%\ud7.vbs"
- '%APPDATA%\wwaf4.scr' (загружен из сети Интернет)
- '%APPDATA%\dx8ow.exe' (загружен из сети Интернет)
- '%APPDATA%\wwaf4.scr'
- '%APPDATA%\dx8ow.exe'
- %APPDATA%\wwaf4.scr
- %APPDATA%\dx8ow.exe
- %APPDATA%\ud7.vbs
- 'bl####earest.com':80
- http://bl####earest.com//wp-content/themes/welcome_inn/cache/sleepshop.scr
- http://bl####earest.com//wp-content/themes/welcome_inn/cache/norsleep32.mtk
- http://bl####earest.com//wp-content/themes/welcome_inn/cache/xx1.mtk
- DNS ASK bl####earest.com
- ClassName: 'Shell_TrayWnd' WindowName: ''