Техническая информация
- '%TEMP%\WPE PRO - modified.exe'
- '%TEMP%\123.exe'
- %TEMP%\WPE PRO - modified.exe
- %TEMP%\WPE PRO - modified.exe.nb5.tmp
- %APPDATA%\Microsoft\Windows\((Mutex)).dat
- %TEMP%\WpeSpy.dll.nb5.tmp
- %TEMP%\SetPriv.dll
- %TEMP%\SetPriv.dll.nb5.tmp
- %TEMP%\WpeSpy.dll
- %TEMP%\aut1.tmp
- %TEMP%\123.exe
- %TEMP%\123.exe.nb5.tmp
- %TEMP%\res.ico
- %WINDIR%\InstallDir\Winup.exe
- %APPDATA%\Microsoft\Windows\((Mutex)).cfg
- %TEMP%\res.ico2
- %APPDATA%\Microsoft\Windows\((Mutex)).dat
- %APPDATA%\Microsoft\Windows\((Mutex)).cfg
- %TEMP%\WpeSpy.dll.nb5.tmp
- %TEMP%\SetPriv.dll.nb5.tmp
- %TEMP%\WPE PRO - modified.exe.nb5.tmp
- %TEMP%\123.exe.nb5.tmp
- %TEMP%\aut1.tmp
- 'be####a.no-ip.biz':103
- 'vi#.#o-ip.org':234
- 'al#####abbos.no-ip.biz':83
- '64.##5.43.131':80
- 'localhost':1038
- http://64.##5.43.131/a.php?id#############################
- DNS ASK vi#.#o-ip.org
- DNS ASK be####a.no-ip.biz
- DNS ASK al#####abbos.no-ip.biz
- ClassName: 'Shell_TrayWnd' WindowName: ''