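Техническая информация
(Примечание: заголовки подразделов в этой копии отсутствуют. Ниже без подписей идут списки путей к файлам, сетевых адресов и запросов, а также классов окон. Повторяющиеся пути, по-видимому, относятся к разным подразделам исходного отчёта, поэтому по одному этому тексту нельзя определить, какое действие выполнялось с каждым файлом. Символы # в именах доменов и параметрах запросов, по-видимому, являются маскировкой в исходном тексте, а не частью реальных значений, и такие строки нельзя использовать как точные индикаторы.)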
- C:\-1998166001
- C:\sbvyj.exe
- C:\vwhqlwgw.exe
- C:\vefuq.exe
- C:\mmpmegx.exe
- C:\baif.exe
- C:\gbfxe.exe
- C:\bktdl.exe
- C:\ofgitsly.exe
- C:\cclx.exe
- %TEMP%\nsx3.tmp\e4u.exe
- %TEMP%\nsl7.tmp\Apps.exe
- %TEMP%\nsx3.tmp\EP.exe
- %TEMP%\nsx3.tmp\Cpu-z v1.49.exe
- %TEMP%\nsx3.tmp\Apps.exe
- %TEMP%\nsl7.tmp\Cpu-z v1.49.exe
- C:\uhjb.exe
- C:\ryxy.exe
- %TEMP%\nsl7.tmp\EP.exe
- %TEMP%\nsl7.tmp\e4u.exe
- C:\vefuq.exe (загружен из сети Интернет)
- C:\sbvyj.exe (загружен из сети Интернет)
- C:\-1998166001 (загружен из сети Интернет)
- C:\bktdl.exe (загружен из сети Интернет)
- C:\gbfxe.exe (загружен из сети Интернет)
- C:\mmpmegx.exe (загружен из сети Интернет)
- C:\ryxy.exe (загружен из сети Интернет)
- C:\uhjb.exe (загружен из сети Интернет)
- C:\vwhqlwgw.exe (загружен из сети Интернет)
- C:\baif.exe (загружен из сети Интернет)
- C:\cclx.exe (загружен из сети Интернет)
- C:\ofgitsly.exe (загружен из сети Интернет)
- <SYSTEM32>\spoolsv.exe
- C:\bktdl.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\zgzzjjwli[1].php
- C:\vefuq.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\ohnbbyyif[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\zgzzjjwli[2].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\hnkppz[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\mbhrobl[1].php
- C:\baif.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\ohnbbyyif[1].php
- C:\cclx.exe
- C:\gbfxe.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\zfpcdmakt[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\bhrnbylv[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\iouvvfgcd[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\bhanx[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\zfpcdmakt[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\irxhiiffp[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\hohhveswgc[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\wcyijjt[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\wtqanbo[1].php
- C:\sbvyj.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\jqqankx[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\mbhrobl[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\jqqankx[2].php
- C:\-1998166001
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\wtqanbo[1].php
- %TEMP%\nsl7.tmp\Apps.exe
- %WINDIR%\Temp\8.tmp
- %TEMP%\nsl7.tmp\Cpu-z v1.49.exe
- %TEMP%\cpuz131\cpuz_x32.sys
- %TEMP%\nsl7.tmp\e4u.exe
- %TEMP%\nsl7.tmp\EP.exe
- <SYSTEM32>\spool\prtprocs\w32x86\6.tmp
- %TEMP%\nsx3.tmp\Apps.exe
- %TEMP%\nsx3.tmp\Cpu-z v1.49.exe
- %TEMP%\nsg2.tmp
- %TEMP%\nsy5.tmp
- %TEMP%\nsx3.tmp\e4u.exe
- %TEMP%\nsx3.tmp\EP.exe
- C:\vwhqlwgw.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\irxhiiffp[1].php
- C:\mmpmegx.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\bhrnbylv[1].php
- C:\ofgitsly.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\hohhveswgc[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\wcyijjt[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\iouvvfgcd[1].php
- %WINDIR%\Temp\B.tmp
- <SYSTEM32>\spool\prtprocs\w32x86\A.tmp
- C:\ryxy.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\hnkppz[1].php
- C:\uhjb.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\ohnbbyyif[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\mbhrobl[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\jqqankx[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\bhrnbylv[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\hnkppz[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\zgzzjjwli[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\wcyijjt[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\hohhveswgc[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\irxhiiffp[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\wtqanbo[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\zfpcdmakt[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\iouvvfgcd[1].php
- %WINDIR%\Temp\8.tmp
- <SYSTEM32>\spool\prtprocs\w32x86\6.tmp
- %TEMP%\cpuz131\cpuz_x32.sys
- %TEMP%\nsx3.tmp\Apps.exe
- %TEMP%\nsx3.tmp\e4u.exe
- %TEMP%\nsx3.tmp\EP.exe
- %TEMP%\nsl7.tmp\e4u.exe
- %TEMP%\nsl7.tmp\EP.exe
- <SYSTEM32>\spool\prtprocs\w32x86\A.tmp
- %WINDIR%\Temp\B.tmp
- %TEMP%\nsl7.tmp\Apps.exe
- %TEMP%\nsl7.tmp\Cpu-z v1.49.exe
- 'a5###0057.cn':443
- 'ab###der.com':80
- 'fr####rts-2009.com':80
- 'je####ts-center.com':80
- ab###der.com/tdfpmmn/zgzzjjwli.php?ad########
- ab###der.com/tdfpmmn/mbhrobl.php?ad########
- ab###der.com/tdfpmmn/zfpcdmakt.php?ad########
- ab###der.com/tdfpmmn/bhanx.php?ad#################################################
- ab###der.com/tdfpmmn/wtqanbo.php?ad########
- ab###der.com/tdfpmmn/jqqankx.php?ad########
- ab###der.com/tdfpmmn/ohnbbyyif.php?ad########
- ab###der.com/tdfpmmn/wcyijjt.php?ad########
- ab###der.com/tdfpmmn/hnkppz.php?ad########
- ab###der.com/tdfpmmn/iouvvfgcd.php?ad########
- ab###der.com/tdfpmmn/bhrnbylv.php?ad########
- ab###der.com/tdfpmmn/hohhveswgc.php?ad########
- ab###der.com/tdfpmmn/irxhiiffp.php?ad########
- DNS ASK je####ts-center.com
- DNS ASK a5###0057.cn
- DNS ASK fr####rts-2009.com
- DNS ASK ab###der.com
- ClassName: 'MPWClass' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''