Техническая информация
- %WINDIR%\Tasks\{3F0F32BA-1503-28FF-6D57-2F493608ED2B}.job
- '%APPDATA%\Microsoft\MMC\cxglnwz.exe'
- <SYSTEM32>\cscript.exe
- <SYSTEM32>\cmd.exe
- <SYSTEM32>\ctfmon.exe
- [<HKCU>\Software\Microsoft\messengerservice]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\scan[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\scan[1].htm
- %APPDATA%\Microsoft\MMC\cxglnwz.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\scan[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\scan[1].htm
- 'bl###.##stombarcelona.com':80
- bl###.##stombarcelona.com/scan.php
- DNS ASK bl###.##stombarcelona.com