Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\Document Cache.lnk
- 'C:\Document Cache\doccache.exe' /i:3B18840F$5837CEE9 /p:"<Полный путь к вирусу>"
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\galeria2.atspace[1]
- C:\Document Cache\doccache.exe
- '20#.#9.51.218':13675
- '20#.#6.165.177':443
- '13#.#52.44.189':1416
- '2.###.56.199':443
- '17#.#7.129.197':443
- 'ga####a2.atspace.eu':80
- 'localhost':1035
- '24#.#2.59.197':13676
- '31.##.20.194':27837
- ga####a2.atspace.eu/
- DNS ASK fl#####mhp.pluton85.eu
- DNS ASK fl#####mhi.pluton85.eu
- DNS ASK fl###ccmhi.net
- DNS ASK fl####cmhp.undo.it
- DNS ASK fl####cmhi.undo.it
- DNS ASK cm##.#luton85.eu
- DNS ASK ga####a2.atspace.eu
- DNS ASK cm##.undo.it
- DNS ASK fl###ccmhi.com
- DNS ASK fl###ccmhi.eu
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'IEFrame' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'