Техническая информация
- '%TEMP%\9158chat_409200.exe' /SILENT
- '%TEMP%\9158chat_409200.exe' (загружен из сети Интернет)
- '%WINDIR%\explorer.exe' http://mo#g.in/ad.html?wx##
- '%WINDIR%\explorer.exe' http://mo#g.in/ad.html?wc###
- '%WINDIR%\explorer.exe' http://mo#g.in/ad.html?wi#
- '<SYSTEM32>\wscript.exe' "%TEMP%\b.vbe"
- '%WINDIR%\explorer.exe' http://mo#g.in/ad.html?ta
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\9158chat_409200[1].exe
- %TEMP%\9158chat_409200.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ad[2].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\ad[1].html
- %TEMP%\b.vbe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ad[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\ad[1].html
- %TEMP%\b.vbe
- 'mo#g.in':80
- 'do####ad21.subo.me':80
- 'localhost':1039
- 'localhost':1036
- 'w.##a.nl':9
- do####ad21.subo.me/9158/9158chat_409200.exe
- mo#g.in/ad.html?wc###
- mo#g.in/ad.html?wx##
- mo#g.in/ad.html?ta
- mo#g.in/ad.html?wi#
- DNS ASK do####ad21.subo.me
- DNS ASK mo#g.in
- DNS ASK w.##a.nl
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'