Техническая информация
- '<SYSTEM32>\cmd.exe' /c 8V7z7J8J6z5t.bat
- '%TEMP%\VIEWS.exe'
- '%TEMP%\VIEW.exe' /SaveDirect /stab "%TEMP%\stemp.xml"
- [<HKCU>\Software\Yahoo\Pager]
- [<HKCU>\Software\Microsoft\IdentityCRL]
- [<HKCU>\Software\Microsoft\Windows Live Mail]
- [<HKCU>\Software\Microsoft\MSNMessenger]
- [<HKCU>\Software\Microsoft\Office\Outlook\OMI Account Manager\Accounts]
- [<HKCU>\Identities\{5518F2FB-DB74-45A3-BEC1-4575D8D9DC84}\Software\Microsoft\Internet Account Manager\Accounts]
- [<HKCU>\Identities\{5518F2FB-DB74-45A3-BEC1-4575D8D9DC84}\Software\Microsoft\Office\Outlook\OMI Account Manager\Accounts]
- %TEMP%\cp2.tmp
- %TEMP%\SMTP_CRNJEUFU_197.dat
- <Текущая директория>\8V7z7J8J6z5t.bat
- %TEMP%\VIEWS.cfg
- %TEMP%\stemp.xml
- %TEMP%\VIEW.exe
- %TEMP%\cp1.tmp
- %TEMP%\VIEWS.exe
- %TEMP%\SMTP_CRNJEUFU_197.dat
- %TEMP%\VIEWS.exe
- %TEMP%\cp2.tmp
- %TEMP%\stemp.xml
- %TEMP%\cp1.tmp
- '17#.#29.10.197':80
- http://17#.#29.10.197/list/index.php
- ClassName: 'MailPassView' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: 'Email'