Техническая информация
- '%TEMP%\wma3.scr' /S
- '%TEMP%\av.exe' /nogui %TEMP%\tempk.txt
- '%TEMP%\avgi.scr' /S
- '%TEMP%\av.exe' (загружен из сети Интернет)
- '%TEMP%\avgi.scr' (загружен из сети Интернет)
- '%TEMP%\wma3.scr' (загружен из сети Интернет)
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\av[1].gif
- %TEMP%\tempk.txt
- %TEMP%\av.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\wma3[1].gif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\avgi[1].gif
- %TEMP%\wma3.scr
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\Motel07[1].php
- %TEMP%\conf.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\avgi[1].gif
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\wma3[1].gif
- %TEMP%\avgi.scr
- 'localhost':1042
- '18#.#26.117.129':80
- 'oi########.dominiotemporario.com':80
- 'localhost':1038
- '20#.3.182.4':80
- oi########.dominiotemporario.com/images/av.gif
- 18#.#26.117.129/images/avgi.gif
- 18#.#26.117.129/images/wma3.gif
- 20#.3.182.4/images/Motel07.php
- oi########.dominiotemporario.com/images/avgi.gif
- oi########.dominiotemporario.com/images/wma3.gif
- DNS ASK oi########.dominiotemporario.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''