Техническая информация
- <SYSTEM32>\mshta.exe "<SYSTEM32>\usmwrnuzqq.hta"
- firefox.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\reg[1].asp
- <SYSTEM32>\usmwrnuzqq.hta
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\para[1].asp
- <SYSTEM32>\usmwrnuzqq.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\yenipc[1].asp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\para[1].asp
- %TEMP%\~DF9CF4.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\reg[1].asp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\yenipc[1].asp
- 'www.go###e20.com':80
- 'localhost':1036
- www.go###e20.com/para.asp?11#######################
- www.go###e20.com/reg.asp?ex################
- www.go###e20.com/yenipc.asp?hd############################
- DNS ASK www.go###e20.com
- DNS ASK www.go###e.com.tr
- DNS ASK www.google.com
- '<IP-адрес в локальной сети>':1035
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''