Техническая информация
- %TEMP%\behe.exe
- <SYSTEM32>\spoolsv.exe
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CJCTQ25G\i[1].php
- %WINDIR%\Temp\superbacf.tmp
- %TEMP%\tmp2.tmp
- %TEMP%\behe.exe
- %TEMP%\tmp1.tmp
- %TEMP%\tmp1.tmp
- %TEMP%\tmp2.tmp
- 'll###info.com':80
- 'localhost':1036
- ll###info.com/i.php
- DNS ASK ll###info.com
- ClassName: 'Shell_TrayWnd' WindowName: ''