Техническая информация
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\240c339.exe
- %HOMEPATH%\Start Menu\Programs\Startup\240c339.exe
- Компонент восстановления системы (SR)
- '<SYSTEM32>\svchost.exe'
- <SYSTEM32>\winlogon.exe
- <SYSTEM32>\svchost.exe
- %WINDIR%\Explorer.EXE
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\75geuq4z2ggo[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\vopwfijwokeo9[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\tlar8f8dla96cvc[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\urhjgrqesqs[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\75geuq4z2ggo[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\vopwfijwokeo9[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\tlar8f8dla96cvc[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\urhjgrqesqs[1].htm
- 'du####pupuka.com':80
- 'va###pafel.com':80
- 'se####tamata.com':80
- 'yu###isa.com':80
- DNS ASK du####pupuka.com
- DNS ASK va###pafel.com
- DNS ASK se####tamata.com
- DNS ASK yu###isa.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'