Техническая информация
- <SYSTEM32>\dllhostup.exe (загружен из сети Интернет)
- %WINDIR%\WINSTART.CMD (загружен из сети Интернет)
- %WINDIR%\regedit.exe /S %WINDIR%\SCANREG01.REG
- %WINDIR%\WINSTART.CMD
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\techa[1].pdf
- <SYSTEM32>\dllhostup.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\tech00P[1].pdf
- %WINDIR%\SCANREG01.REG
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\tech00[1].pdf
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\tech1[1].pdf
- <SYSTEM32>\clean.exe
- 'www.wi###und.org':80
- 'www.gr##ia.it':80
- 'localhost':1036
- www.wi###und.org/albums/.../techa.pdf
- www.gr##ia.it/portale/config/.../tech00P.pdf
- www.gr##ia.it/portale/config/.../tech00.pdf
- www.wi###und.org/albums/.../tech1.pdf
- DNS ASK www.wi###und.org
- DNS ASK www.gr##ia.it
- '<IP-адрес в локальной сети>':1037
- ClassName: 'RegEdit_RegEdit' WindowName: ''