Техническая информация
- <SYSTEM32>\cmd.exe /c ""%TEMP%\_uninsep.bat" "
- iexplore.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\40036875146[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\40049065217[1].htm
- %TEMP%\_uninsep.bat
- %TEMP%\wincom.exe
- %TEMP%\wincom.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\40049065217[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\40036875146[1].htm
- 'fi####e.esmtp.biz':80
- fi####e.esmtp.biz/40047965225.php
- fi####e.esmtp.biz/40049065217.php
- fi####e.esmtp.biz/40036875146.php
- DNS ASK fi####e.esmtp.biz
- '<IP-адрес в локальной сети>':1036
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''