Техническая информация
- '%APPDATA%\ypn\chp.exe' "%PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE" http://5.##.176.208/transport/acquired-towards.php
- '%PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE' http://5.##.176.208/transport/acquired-towards.php
- '<SYSTEM32>\cmd.exe' /c ""%APPDATA%\ypn\bat.bat" "
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\acquired-towards[1].php
- %APPDATA%\ypn\chp.exe
- %APPDATA%\ypn\bat.bat
- '5.##.176.208':80
- 'localhost':1035
- 5.##.176.208/transport/acquired-towards.php
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'