Техническая информация
- %APPDATA%\Welcome.exe
- <SYSTEM32>\at.exe 19:37 /every:M,T,W,Th,F,Sa,Su ""%WINDIR%\icp3.exe""
- <SYSTEM32>\at.exe 19:42 /every:M,T,W,Th,F,Sa,Su ""%WINDIR%\bclm.exe""
- <SYSTEM32>\at.exe 19:27 /every:M,T,W,Th,F,Sa,Su ""%WINDIR%\eu2i.exe""
- <SYSTEM32>\at.exe 19:32 /every:M,T,W,Th,F,Sa,Su ""%WINDIR%\r2p3.exe""
- %TEMP%\nsm6.tmp\ns7.tmp
- %TEMP%\nsm6.tmp\ns8.tmp
- %WINDIR%\r2p3.exe
- %TEMP%\nsm6.tmp\nsExec.dll
- %TEMP%\nsm6.tmp\ns9.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\counter[1].php
- C:\ndf
- %TEMP%\nsm6.tmp\nsA.tmp
- %TEMP%\nsm6.tmp\inetc.dll
- %WINDIR%\bclm.exe
- %TEMP%\a1.7z
- %APPDATA%\Welcome.exe
- %TEMP%\nsw2.tmp
- %TEMP%\7za.exe
- %TEMP%\nse3.tmp\ExecDos.dll
- %WINDIR%\eu2i.exe
- %WINDIR%\icp3.exe
- %TEMP%\qzgsn.exe
- %TEMP%\nsh5.tmp
- %WINDIR%\r2p3.exe
- C:\ndf
- %WINDIR%\bclm.exe
- %WINDIR%\eu2i.exe
- %WINDIR%\icp3.exe
- %TEMP%\nsm6.tmp\nsA.tmp
- %TEMP%\nsm6.tmp\inetc.dll
- %TEMP%\nsm6.tmp\nsExec.dll
- %TEMP%\nsm6.tmp\ns9.tmp
- %TEMP%\nse3.tmp\ExecDos.dll
- %TEMP%\nsm6.tmp\ns7.tmp
- %TEMP%\nsm6.tmp\ns8.tmp
- '12#.#17.235.76':80
- 12#.#17.235.76/videos/counter.php
- ClassName: 'Shell_TrayWnd' WindowName: ''