Техническая информация
- '%PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE' http://www.mh##olh.net/wordpress/wp-includes/w_1.php?MC######### / 9:10:25 PM
- '<SYSTEM32>\regsvr32.exe' /s "%WINDIR%\GbIeObj.dll"
- '<SYSTEM32>\wscript.exe' /B "%HOMEPATH%\LOFT.vbe"
- %WINDIR%\GbIeObj.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\w_1[1].php
- %HOMEPATH%\rpl.sk
- %HOMEPATH%\LOFT.vbe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\LORJ[1]
- %HOMEPATH%\LOFT.vbe
- %HOMEPATH%\rpl.sk
- 'localhost':1039
- 'www.mh##olh.net':80
- 'localhost':1036
- 'ja###-spa.ru':80
- www.mh##olh.net/wordpress/wp-includes/w_1.php?MC############################
- ja###-spa.ru/images/M_images/LORJ
- DNS ASK www.mh##olh.net
- DNS ASK ja###-spa.ru
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'MS_WINHELP' WindowName: '(null)'