Техническая информация
- '%TEMP%\xllb.tmp'
- '<SYSTEM32>\wscript.exe' "c:\GetModuleFileNameAas.vbe"
- '%PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE' http://fw###m.2288.org/xllb.asp
- C:\GetModuleFileNameAas.vbe
- %TEMP%\nsd2.tmp\System.dll
- %TEMP%\xllb.tmp
- C:\GetModuleFileNameAas.vbe
- %TEMP%\nsd2.tmp\System.dll
- 'localhost':1040
- DNS ASK fw###m.2288.org
- DNS ASK ha####wan.txmh.net
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'