Техническая информация
- <SYSTEM32>\updll.exe (загружен из сети Интернет)
- <SYSTEM32>\regsvr32.exe /s wvs02_4247.dll
- <SYSTEM32>\regsvr32.exe /s wus02_4742.dll
- <SYSTEM32>\wvs02_4247.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\updll[1].dll
- <SYSTEM32>\updll.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\wordstar[1].dll
- <SYSTEM32>\wus02_4742.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\wordbra[1].dll
- 'www.te#######iloveyou.correio.biz':80
- 'localhost':1036
- www.te#######iloveyou.correio.biz/rbt/updll.dll
- www.te#######iloveyou.correio.biz/rbt/wordbra.dll
- www.te#######iloveyou.correio.biz/rbt/wordstar.dll
- DNS ASK www.te#######iloveyou.correio.biz