Техническая информация
- %WINDIR%\Getphp.exe
- %WINDIR%\ballon.exe
- %WINDIR%\Getphp.exe (загружен из сети Интернет)
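- <SYSTEM32>\regsvr32.exe /s %WINDIR%\LoadHtml.txt
- <SYSTEM32>\regsvr32.exe /s %WINDIR%\LoadJava.txt
- <SYSTEM32>\regsvr32.exe /s %WINDIR%\LoadAjax.txt
  (ключ /s подавляет диалоговые окна regsvr32, поэтому регистрация проходит незаметно для пользователя; файлы с расширением .txt передаются здесь как регистрируемые библиотеки, так что при обнаружении следует ориентироваться на сам запуск regsvr32.exe с аргументом, не являющимся .dll/.ocx, а не на расширение файла)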
- %WINDIR%\LoadHtml.txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\LoadHtml[1].bmp
- %WINDIR%\Getphp.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\Exec[1].bmp
- %WINDIR%\LoadJava.txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\LoadAjax[1].bmp
- %WINDIR%\ballon.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\LoadJava[1].bmp
- %WINDIR%\LoadAjax.txt
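- '20#.#3.21.81':80 (символы «#» — по-видимому, скрытые цифры IP-адреса; в таком виде запись не годится для точного сопоставления с сетевыми журналами)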
- 'localhost':1036
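- 20#.#3.21.81/~mesmoass/images/LoadHtml.bmp
- 20#.#3.21.81/~mesmoass/images/Exec.bmp
- 20#.#3.21.81/~mesmoass/images/LoadAjax.bmp
- 20#.#3.21.81/~mesmoass/images/LoadJava.bmp
  (расширение .bmp не означает, что это изображения: файлы с теми же именами LoadHtml, LoadJava и LoadAjax появляются в %WINDIR% с расширением .txt и передаются regsvr32.exe — вероятно, это те же загруженные данные; тип таких объектов следует определять по содержимому, а не по расширению)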
- ClassName: 'Shell_TrayWnd' WindowName: ''