Техническая информация
- %TEMP%\yese.exe /S
- %TEMP%\yese.exe (загружен из сети Интернет)
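- <SYSTEM32>\cacls.exe "%HOMEPATH%\Desktop\????.url" /p everyone:f (заменяет права доступа к ярлыку на рабочем столе, выдавая группе Everyone полный доступ; «????» в имени файла, по-видимому, — символы, потерянные при перекодировке)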
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\yese_6738000005[1]
- %TEMP%\yese.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\4829458[1].js
- %APPDATA%\icon\taobao.ico
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\4829458[1].js
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\CARAK3V5.asp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\4829458[1].js
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\4829458[1].js
- 'c.###e55.com':80
- 'localhost':1043
- '2x###l.7moo.com':80
- 'localhost':1037
- 'js.##ers.51.la':80
- c.###e55.com/c/yese_6738000005
- js.##ers.51.la/4829458.js
- DNS ASK 12#.#dwg.com
- DNS ASK c.###e55.com
- DNS ASK js.##ers.51.la
- DNS ASK 2x###l.7moo.com
- '<IP-адрес в локальной сети>':1039
- '<IP-адрес в локальной сети>':1038
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '#32770' WindowName: '????'
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '#32770' WindowName: ''
- ClassName: '' WindowName: ''