Technical information
- C:\programfiles\cmdb.exe /stext c:\programfiles\modb.mod
- C:\programfiles\cmda.exe /stext c:\programfiles\moda.mod
- C:\programfiles\java.exe
- <SYSTEM32>\cmd.exe /c %TEMP%\EZC1.bat
- [<HKCU>\Software\Yahoo\Pager]
- [<HKCU>\Software\Microsoft\IdentityCRL]
- [<HKCU>\Software\Microsoft\MessengerService]
- [<HKCU>\Software\Google\Google Talk\Accounts]
- [<HKCU>\Software\Microsoft\MSNMessenger]
- C:\programfiles\cmdb.exe
- C:\programfiles\moda.mod
- %TEMP%\EZC1.bat
- C:\programfiles\cmda.exe
- <LS_APPDATA>\idsys.txt
- C:\programfiles\java.exe.z7
- C:\programfiles\java.exe
- C:\programfiles\cmdb.exe
- C:\programfiles\java.exe.z7
- C:\programfiles\cmda.exe
- C:\programfiles\java.exe
- C:\programfiles\moda.mod
- 've####.thaieasydns.com':80
- ve####.thaieasydns.com/pjct4//sm/atuando2.php
- DNS ASK ve####.thaieasydns.com
- '<IP address on the local network>':1037
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''