Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\232907165.exe
- '%HOMEPATH%\Start Menu\Programs\Startup\232907165.exe'
- <SYSTEM32>\cmd.exe
- <SYSTEM32>\cscript.exe
- %WINDIR%\Explorer.EXE
- <SYSTEM32>\ctfmon.exe
- %TEMP%\nsn4.tmp\right-mindedness.dll
- %TEMP%\nsw2.tmp\right-mindedness.dll
- %TEMP%\right-mindedness.jhn
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\index[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\index[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\index[1].htm
- %TEMP%\nsw2.tmp\right-mindedness.dll
- %TEMP%\nsn4.tmp\right-mindedness.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\index[1].htm
- 'yo####anwine.com':80
- 'la###chimp.xyz':80
- 'fa###okes.com':80
- 'bo####ngduck.com':80
- yo####anwine.com/index.php
- la###chimp.xyz/index.php
- fa###okes.com/index.php
- bo####ngduck.com/index.php
- DNS ASK yo####anwine.com
- DNS ASK la###chimp.xyz
- DNS ASK fa###okes.com
- DNS ASK bo####ngduck.com