Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\consent.lnk
- '%TEMP%\consent.exe'
- '<SYSTEM32>\ipconfig.exe' /all
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\CAOHUP70.asp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\CAWRQJUP.asp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\CA2R8LA5.asp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\iluykymrn222o[1].asp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\iluykymrn222o[1].asp
- %TEMP%\sysinfo2013.dll
- %TEMP%\123.bmp
- %TEMP%\consent.exe
- %TEMP%\12345678.temp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\privacy_security[1].htm
- %TEMP%\cert2013.dat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\CA2R8LA5.asp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\iluykymrn222o[1].asp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\CAOHUP70.asp
- %TEMP%\123.bmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\CAWRQJUP.asp
- 'www.jo##mic.com':80
- '20#.#6.232.182':80
- www.jo##mic.com/aehuoli222o/segykuys2220/iluykymrn222o.asp?aa#######
- 20#.#6.232.182/info/privacy_security.htm
- DNS ASK www.jo##mic.com
- DNS ASK www.microsoft.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'