Техническая информация
- <SYSTEM32>\wcamlld.exe (загружен из сети Интернет)
- <SYSTEM32>\webcamz.exe (загружен из сети Интернет)
- <SYSTEM32>\wcamlld.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\wcamr[1].jpg
- <SYSTEM32>\Partizan.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\wmsyspr99[1].jpg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\mensagens[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\gareds[1].png
- <SYSTEM32>\webcamz.exe
- <Полный путь к вирусу>
- 'www.ch###28.kit.net':80
- 'www.re###.kit.net':80
- 'pa#####.terra.com.br':80
- 'localhost':1038
- 'www.de#####caodeamor.com':80
- 'localhost':1040
- www.re###.kit.net/wmsyspr99.jpg
- pa#####.terra.com.br/esporte/jadeu/wcamr.jpg
- www.de#####caodeamor.com/mensagens.php?de#####
- www.ch###28.kit.net/gareds.png
- DNS ASK www.re###.kit.net
- DNS ASK pa#####.terra.com.br
- DNS ASK www.de#####caodeamor.com
- DNS ASK www.ch###28.kit.net
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''