Техническая информация
- запуск процесса: '%APPDATA%\DAT\Project1.exe'
- запуск процесса: '%TEMP%\se.exe'
- запуск процесса: '%TEMP%\AEwDMc.exe' nLPIxZ
- запуск процесса: '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- %TEMP%\Svchost.exe
- %TEMP%\nLPIxZ
- %TEMP%\se.exe
- %APPDATA%\DAT\Project1.exe
- %TEMP%\nsg5.tmp
- %TEMP%\AEwDMc.exe
- %TEMP%\aut1.tmp
- %TEMP%\aut2.tmp
- %TEMP%\aut3.tmp
- %TEMP%\Bshnjv.txt
- %TEMP%\Svchost.exe
- %TEMP%\Bshnjv.txt
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- %TEMP%\aut2.tmp
- %TEMP%\aut1.tmp
- %TEMP%\nLPIxZ
- %TEMP%\aut3.tmp
- из %TEMP%\AEwDMc.exe в %TEMP%\AEwDMc.exe
- сетевое соединение: 'www.wi###c-dd.com':80
- сетевое соединение: 'localhost':1037
- www.wi###c-dd.com/direct-download.html?ve#####################################################
- DNS ASK www.wi###c-dd.com
- ClassName: 'Shell_TrayWnd' WindowName: ''