Техническая информация
- %WINDIR%\Help\dfvbg.exe
- %WINDIR%\Help\dfvbg.exe (загружен из сети Интернет)
- <SYSTEM32>\attrib.exe +h %WINDIR%\Help\dfvbg.exe
- <SYSTEM32>\ping.exe ya.ru
- <SYSTEM32>\cmd.exe /c %WINDIR%\Help\tmp.bat
- %WINDIR%\Help\dfvbg.exe
- %WINDIR%\Help\tmp.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\conf[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\up[1].exe
- %WINDIR%\Help\dfvbg.exe
- 'www.ic#.com':80
- 'by##x.ru':80
- 'localhost':1035
- by##x.ru/public/up.exe
- www.ic#.com/people/640163964/
- by##x.ru/public/conf.php
- DNS ASK www.ic#.com
- DNS ASK ya.ru
- DNS ASK by##x.ru
- '<IP-адрес в локальной сети>':1036
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''