Техническая информация
- '%TEMP%\evb7.tmp' -exe
- [<HKCU>\Software\Microsoft\Office\Outlook\OMI Account Manager\Accounts]
- [<HKCU>\Software\Microsoft\Internet Account Manager\Accounts]
- %TEMP%\evbC.tmp
- %TEMP%\evbB.tmp
- %TEMP%\evbA.tmp
- <LS_APPDATA>\Microsoft\Internet Explorer\MSIMGSIZ.DAT
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\2VAZY7AN\msave[1].php
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\2VAZY7AN\CATOCF99.php
- %TEMP%\evb9.tmp
- %TEMP%\evb4.tmp
- %TEMP%\evb3.tmp
- %TEMP%\evb2.tmp
- %TEMP%\evb7.tmp
- %TEMP%\evb6.tmp
- %TEMP%\evb5.tmp
- %TEMP%\evb5.tmp
- %TEMP%\evb7.tmp
- %TEMP%\evb2.tmp
- %TEMP%\evb4.tmp
- 'localhost':1043
- 'www.li#####ateonline.com':80
- 'localhost':1039
- 'www.wi##end.com':80
- http://www.li#####ateonline.com/1611/onlineupdate.php?ke#########################################################################################################################################...
- http://www.li#####ateonline.com/1611/msave.php
- http://www.wi##end.com/softweb/checkupdate.asp?MA#######################################################################################
- http://www.wi##end.com/softweb/ourproducts.asp?la#########
- DNS ASK www.li#####ateonline.com
- DNS ASK www.wi##end.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''