Техническая информация
- '%TEMP%\Girl[H].exe'
- [<HKLM>\Software\Ghisler\Total Commander]
- [<HKCU>\Software\Ghisler\Total Commander]
- [<HKCU>\Software\Microsoft\Internet Explorer\IntelliForms\Storage2]
- [<HKCU>\Software\Google\Google Talk\Accounts]
- [<HKLM>\SOFTWARE\FlashFXP]
- %TEMP%\devels\b69cdb290d1e865d8144cedb0582b6d6\include.php
- %TEMP%\devels\b69cdb290d1e865d8144cedb0582b6d6\engine.php
- %TEMP%\44725606.~ph
- <Текущая директория>\ufr_files\NO_PWDS_report_10-07-2016_19-46-02-BCFK.bin
- %TEMP%\NO_PWDS_report_10-07-2016_19-46-02-BCFK.bin
- %TEMP%\devels\b69cdb290d1e865d8144cedb0582b6d6.phpe2
- %TEMP%\PSE11\php\modules\php_bz2.dll
- %TEMP%\report_10-07-2016_19-46-02-BCFK.bin
- %TEMP%\msvcr71.dll
- %TEMP%\Girl[H].exe
- %TEMP%\PSE11\php\modules\php_bcompiler.dll
- %TEMP%\PSE11\php\php5ts.dll
- %TEMP%\PSE11\B69CDB290D1E865D8144CEDB0582B6D6\php.ini
- %TEMP%\NO_PWDS_report_10-07-2016_19-46-02-BCFK.bin
- %TEMP%\44725606.~ph
- %TEMP%\PSE11\B69CDB290D1E865D8144CEDB0582B6D6\php.ini
- %TEMP%\report_10-07-2016_19-46-02-BCFK.bin в %TEMP%\NO_PWDS_report_10-07-2016_19-46-02-BCFK.bin
- '94.##0.191.201':25
- 'ht##z.ru':80
- 'wh#####yip.akamai.com':80
- http:///nfl5ywsfhuc.gif?lo########## via ht##z.ru
- http://wh#####yip.akamai.com/
- DNS ASK sm##.mail.ru
- DNS ASK ht##z.ru
- DNS ASK wh#####yip.akamai.com
- ClassName: 'Shell_TrayWnd' WindowName: ''