Техническая информация
- %WINDIR%\Tasks\At1.job
- %TEMP%\vc_is2.exe
- %TEMP%\nsw6.tmp\ns7.tmp <SYSTEM32>\cmd.exe /C at 22:36 /every:M,T,W,Th,F,Sa,Su ""%WINDIR%\uhcd.exe""
- <Текущая директория>\setupb.exe
- %TEMP%\imnc.exe
- %TEMP%\imnc.exe (загружен из сети Интернет)
- <SYSTEM32>\at.exe 22:36 /every:M,T,W,Th,F,Sa,Su ""%WINDIR%\uhcd.exe""
- %WINDIR%\wtsx.exe
- %WINDIR%\kdhr.exe
- %WINDIR%\uhcd.exe
- %WINDIR%\pdwa.exe
- %TEMP%\nsw6.tmp\ns7.tmp
- %TEMP%\nsw6.tmp\nsExec.dll
- %WINDIR%\dtmn.exe
- <Текущая директория>\setupb.exe
- %TEMP%\vc_is2.exe
- %TEMP%\nsz2.tmp
- %TEMP%\nsp3.tmp\inetc.dll
- %TEMP%\nsl5.tmp
- %TEMP%\imnc.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\download[1].php
- %WINDIR%\wtsx.exe
- %WINDIR%\pdwa.exe
- %WINDIR%\dtmn.exe
- %WINDIR%\kdhr.exe
- %TEMP%\vc_is2.exe
- <Текущая директория>\setupb.exe
- %WINDIR%\uhcd.exe
- %TEMP%\nsp3.tmp\inetc.dll
- 'www.in#####monetizer.com':80
- www.in#####monetizer.com/download.php?kX######
- DNS ASK www.in#####monetizer.com
- ClassName: 'SysListView32' WindowName: ''
- ClassName: '#32770' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''