Техническая информация
- '%TEMP%\yiqmonMe.exe' 6020
- '%TEMP%\yiqmon.exe'
- '%TEMP%\yiqmon.exe' (загружен из сети Интернет)
- '<SYSTEM32>\cmd.exe' /c %TEMP%\c.bat
- %TEMP%\yiqmon.exe
- %TEMP%\c.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\gg[1].asp
- %TEMP%\yiqmonMe.exe
- %TEMP%\nsl2.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\yiqmon[1].exe
- %TEMP%\nsh3.tmp\inetc.dll
- %TEMP%\yiqmonMe.exe
- %TEMP%\~DF5888.tmp
- %TEMP%\nsh3.tmp\inetc.dll
- 'www.ze###ion.com':80
- 'localhost':1037
- '22#.#6.214.34':80
- www.ze###ion.com/gg.asp?ke########################################################################
- 22#.#6.214.34/yiqmon.exe
- DNS ASK www.ze###ion.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'