Техническая информация
- '%WINDIR%\Temp\2011430123239.exe'
- 'C:\єуМЁЗї»Ї.exe'
- 'C:\server.exe'
- Библиотека-обработчик для всех процессов: C:\cfgdll.dll
- C:\plugin\Office.dll
- C:\plugin\Pic.dll
- C:\plugin\Sys.dll
- C:\plugin\Net.dll
- C:\plugin\Media.dll
- C:\plugin\Memory.dll
- C:\plugin\Msg.dll
- %WINDIR%\Temp\svchost.exe
- C:\cfgdll.dll
- %TEMP%\2
- %WINDIR%\Temp\svchost.dll
- C:\plugin\Web.dll
- C:\plugin\Window.dll
- <SYSTEM32>\qdisp.dll
- C:\plugin\GetSysInfo.dll
- %TEMP%\4.tmp
- %TEMP%\mymacro.zip
- %TEMP%\ad-mymacro.xml
- %TEMP%\3.tmp
- C:\server.exe
- C:\єуМЁЗї»Ї.exe
- %WINDIR%\Temp\2011430123239.exe
- C:\plugin\Console.dll
- C:\plugin\Encrypt.dll
- C:\plugin\File.dll
- C:\plugin\Color.dll
- %TEMP%\adcon\mm\tmpad.xml
- C:\plugin\Bkgnd.dll
- C:\plugin\BkgndColor.dll
- %TEMP%\2
- %TEMP%\adcon\mm\tmpad.xml
- %TEMP%\mymacro.zip
- 'li#####279com.gicp.net':8080
- 'localhost':1035
- DNS ASK do##.#rbrothers.com
- DNS ASK hi.###rothers.com
- DNS ASK li#####279com.gicp.net
- DNS ASK ad.###rothers.com
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'