Техническая информация
- <SYSTEM32>\ntvdm.exe -f -i2
- <SYSTEM32>\ntvdm.exe -f -i3
- <SYSTEM32>\cmd.exe /c ""C:\810.bat" "
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\cmd.exe /c ""<Текущая директория>\z.bat" "
- <SYSTEM32>\ntvdm.exe -f -i1
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\c[1].dat
- %WINDIR%\Temp\scs4.tmp
- %WINDIR%\Temp\scs3.tmp
- C:\ctfmon.exe
- %WINDIR%\Temp\scs6.tmp
- C:\810.bat
- %WINDIR%\Temp\scs5.tmp
- C:\services.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\a[1].dat
- <Текущая директория>\z.bat
- %WINDIR%\Temp\scs1.tmp
- C:\smss.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\b[1].dat
- %WINDIR%\Temp\scs2.tmp
- C:\smss.exe
- C:\services.exe
- %WINDIR%\Temp\scs4.tmp
- C:\ctfmon.exe
- %WINDIR%\Temp\scs6.tmp
- %WINDIR%\Temp\scs5.tmp
- %WINDIR%\Temp\scs2.tmp
- %WINDIR%\Temp\scs1.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\a[1].dat
- %WINDIR%\Temp\scs3.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\c[1].dat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\b[1].dat
- 'me####s.chello.sk':80
- me####s.chello.sk/j.szakalova/c.dat
- me####s.chello.sk/j.szakalova/b.dat
- me####s.chello.sk/j.szakalova/a.dat
- DNS ASK me####s.chello.sk
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-a34.a38.3a0005'
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-a20.a24.390002'
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-a10.a14.380001'