Техническая информация
- <SYSTEM32>\Rar.exe x -y <SYSTEM32>\XPocx.rar <SYSTEM32>\
- <SYSTEM32>\Rar.exe (загружен из сети Интернет)
- <SYSTEM32>\regsvr32.exe <SYSTEM32>\ezVidC60.ocx /s
- <SYSTEM32>\regsvr32.exe <SYSTEM32>\imgedit.ocx /s
- <SYSTEM32>\regsvr32.exe <SYSTEM32>\MSWINSCK.OCX /s (ключ /s во всех трёх вызовах — регистрация OCX-компонента без вывода диалоговых окон)
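- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\SVCH0ST[1].EXE (здесь и ниже: имя подкаталога внутри Content.IE5 генерируется случайно и на другой системе будет иным; при поиске следует ориентироваться на имя файла)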
- <SYSTEM32>\SVCH0ST.EXE (в имени цифра «0» вместо буквы «O»; по-видимому, маскировка под системный svchost.exe)
- <SYSTEM32>\Rar.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\XPocx[1].rar
- <SYSTEM32>\XPocx.rar
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\Rar[1].exe
- <SYSTEM32>\XPocx.rar
- <SYSTEM32>\Rar.exe
- 'bi####.free3.dns8cn.com':80
- 'localhost':1036
- bi####.free3.dns8cn.com/binzhe/SVCH0ST.EXE
- bi####.free3.dns8cn.com/binzhe/Rar.exe
- bi####.free3.dns8cn.com/binzhe/XPocx.rar
- DNS ASK bi####.free3.dns8cn.com
- ClassName: 'Shell_TrayWnd' WindowName: ''