Техническая информация
- '%TEMP%\ztmp\tmp7557.exe' /pid=3452
- '%TEMP%\ztmp\tmp7557.exe' /pid=3356
- '%TEMP%\ztmp\tmp7557.exe' /pid=3612
- '%TEMP%\ztmp\tmp7557.exe' /pid=3924
- '%TEMP%\ztmp\tmp7557.exe' /pid=3768
- '%TEMP%\ztmp\tmp7557.exe' /pid=3060
- '%TEMP%\ztmp\tmp7557.exe' Yz29koFyRv 1800000
- '%TEMP%\ztmp\tmp7557.exe' g7Nfx03d43
- '%TEMP%\ztmp\tmp7557.exe' /pid=3076
- '%TEMP%\ztmp\tmp7557.exe' /pid=1584
- '%TEMP%\ztmp\tmp7557.exe' /pid=328
- '<SYSTEM32>\attrib.exe' +h %TEMP%\ztmp
- <SYSTEM32>\cmd.exe
- %TEMP%\ztmp\tmp7557.exe
- %TEMP%\ztmp\tmp7505.bat
- 'ad#.ly':80
- 'localhost':1038
- ad#.ly/quv6x
- ad#.ly/quwLl
- ad#.ly/quueA
- ad#.ly/quurs
- ad#.ly/quwPl
- ad#.ly/quusu
- ad#.ly/quwUg
- ad#.ly/quuex
- ad#.ly/quudN
- DNS ASK ad#.ly
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: '135093/3000'
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''