Техническая информация
- %TEMP%\qvz.exe
- %TEMP%\qvz.exe (загружен из сети Интернет)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\b[1].exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\b[1].exe
- %TEMP%\qvz.exe
- %TEMP%\billDE06Imkgc6H1D.txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\b[1].exe
- %TEMP%\billDE06Imkgc6H1D.txt
- 'www.jm####nementiel.com':80
- 'www.tu##ovd.com':80
- 'localhost':1035
- 'it####novations.biz':80
- www.tu##ovd.com/v2/b.exe
- www.jm####nementiel.com/b.exe
- it####novations.biz/b.exe
- DNS ASK www.tu##ovd.com
- DNS ASK www.jm####nementiel.com
- DNS ASK it####novations.biz
- ClassName: 'Shell_TrayWnd' WindowName: ''