Техническая информация
- <SYSTEM32>\rundll32.exe "%TEMP%\ins1.tmp",fotixjvcrxzdzyo install
- %TEMP%\ins1.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\oMS3V8YsipDiDjvbcrOLenGK7X2phzdaqlIFd9B9eH+2NjJQW8nwrfhIK4+LPiCO5b7+TEA==[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\l5GT1WwR+S99euiG9VqrH+pwvKFzMnFuHkJFhYey1KAu67+1CnkmkAFKTPyOB5C9ncdJ59ojcnuBj93mCUAsjPHSFpeiUKLtNc09Xd37O1gXENF2GzsUVUyLDwGQ8ROBPYzQODiUl1j2cRWQICESx[1]
- 'sa###do.co.be':80
- 'localhost':1035
- sa###do.co.be/FLrvgzaOD28TsJZkiq4W51A/zcNixWBW2U2LIx/oMS3V8YsipDiDjvbcrOLenGK7X2phzdaqlIFd9B9eH+2NjJQW8nwrfhIK4+LPiCO5b7+TEA==
- sa###do.co.be/oqtNPJekB5h/l5GT1WwR+S99euiG9VqrH+pwvKFzMnFuHkJFhYey1KAu67+1CnkmkAFKTPyOB5C9ncdJ59ojcnuBj93mCUAsjPHSFpeiUKLtNc09Xd37O1gXENF2GzsUVUyLDwGQ8ROBPYzQODiUl1j2cRWQICESxcf0mEMwpNZyUV7anJ8YoD+4WEWKvsLRCspcEVx7ync=
- DNS-запрос (DNS ASK): sa###do.co.be
- ClassName: 'Shell_TrayWnd' WindowName: ''