Техническая информация
- '%WINDIR%\_dl1.exe' ===%TEMP%\_dl1.exe
- '%TEMP%\_dl1.tmp'
- C:\RegTemp.txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\dldr[1].txt
- %WINDIR%\_dl1.exe
- %TEMP%\_dl1.tmp
- <SYSTEM32>\<Имя вируса>.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\dldr[1].txt
- C:\RegTemp.txt
- 'ji#####an.us7.hap02.com':80
- 'localhost':1035
- ji#####an.us7.hap02.com/dldr.txt
- DNS ASK ji#####an.us7.hap02.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'