Техническая информация
- '<SYSTEM32>\lb_middle_5.exe'
- '<SYSTEM32>\lb_middle_5.exe' (загружен из сети Интернет)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\ips138[1].asp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ip.3322[1]
- <SYSTEM32>\lb_middle_5.exe
- 'www.ip##8.com':80
- 'xz#.#xooss.com':80
- 'ju##.#anboke.com':80
- 'ip.#322.net':80
- www.ip##8.com/ips138.asp?ip####
- xz#.#xooss.com/tac2/Count.asp?Ma######################################################
- ju##.#anboke.com/ndl.aspx?ui##################
- ip.#322.net/
- DNS ASK www.ip##8.com
- DNS ASK xz#.#xooss.com
- DNS ASK ju##.#anboke.com
- DNS ASK ip.#322.net
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: '#32770' WindowName: '???? ????'