Техническая информация
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\xxx.exe
- %WINDIR%\Help\xxx.exe
- %WINDIR%\security\xxx.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\call_616592[1].wma
- C:\xxx.exe
- <LS_APPDATA>\Microsoft\Windows Media\9.0\WMSDKNS.XML.bak
- <LS_APPDATA>\Microsoft\Windows Media\9.0\WMSDKNSD.XML
- <SYSTEM32>\Restore\xxx.exe
- <LS_APPDATA>\Microsoft\Windows Media\9.0\WMSDKNS.XML.bak
- 'me###.zezalica.com':80
- 'localhost':1039
- 'me###.zezalica.com':554
- 'me###.zezalica.com':1755
- me###.zezalica.com/media/call_616592.wma?au#######################################
- DNS ASK me###.zezalica.com
- ClassName: 'Shell_TrayWnd' WindowName: ''