Техническая информация
- C:\NTDETBCT.COM
- %TEMP%\DNF°БКУХэКЅ°ж0625.exe
- C:\NTDETBCT.COM (загружен из сети Интернет)
- <SYSTEM32>\wscript.exe "%TEMP%\function.vbs"
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\piao1[1].asp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\piao1[1].asp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\piao1[1].asp
- C:\NTDETBCT.COM
- %TEMP%\DNF°БКУХэКЅ°ж0625.exe
- %TEMP%\function.vbs
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\function[1].exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\piao1[1].asp
- 'www.dn###shi.com':80
- 'fa####okok.8800.org':80
- 'localhost':1035
- www.dn###shi.com/piao1.asp?AC#################################################################################################################
- www.dn###shi.com/piao1.asp?AC####
- fa####okok.8800.org/aspnet_client/function.exe
- DNS ASK www.dn###shi.com
- DNS ASK fa####okok.8800.org
- ClassName: 'Shell_TrayWnd' WindowName: ''