Техническая информация
- %WINDIR%\system\system32.exe (загружен из сети Интернет)
- <SYSTEM32>\regsvr32.exe /i /s %WINDIR%\winlogon.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\sess_10fee[1].exe
- %WINDIR%\system\system32.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\image[1].dll
- %WINDIR%\winlogon.dll
- 'ma####ouniers.com':80
- 'www.aj#####saparecidos.org':80
- ma####ouniers.com/tmp/sess_10fee.exe
- www.aj#####saparecidos.org/image/image.dll
- DNS ASK ma####ouniers.com
- DNS ASK www.aj#####saparecidos.org