Техническая информация
- '%TEMP%\004.exe'
- '%TEMP%\004.exe' (загружен из сети Интернет)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ad1[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ad2[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\da[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\dnf8282[1]
- <Текущая директория>\SkinH_EL.dll
- %TEMP%\004.exe.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ad[1].htm
- <Текущая директория>\SkinH_EL.dll
- %TEMP%\004.exe.tmp в %TEMP%\004.exe
- 'www.dn##282.com':80
- 'www.17##.com':80
- 'localhost':1036
- 'www.dn##828.com':80
- www.17##.com/ad1.htm
- www.17##.com/ad2.htm
- www.dn##828.com/da.htm
- www.dn##828.com/004.exe
- www.dn##282.com/
- www.dn##828.com/ad.htm
- DNS ASK www.17##.com
- DNS ASK www.dn##282.com
- DNS ASK www.dn##828.com
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: '(null)' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'