Техническая информация
- %TEMP%\svchost.exe 2768,"%TEMP%\rcnnj.exe"
- %WINDIR%\Microsoft.NET\Framework\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:"%TEMP%\RES3.tmp"" ""%TEMP%\vbc2.tmp""
- %WINDIR%\Microsoft.NET\Framework\v4.0.30319\vbc.exe /noconfig @"%TEMP%\2b5rntty.cmdline"
- %TEMP%\vbc2.tmp
- %TEMP%\vbc1.tmp
- %TEMP%\RES3.tmp
- %WINDIR%\WMSys867.exe
- %TEMP%\svchost.exe
- %TEMP%\glutu.exe
- %TEMP%\rcnnj.exe
- %TEMP%\2b5rntty.0.vb
- %TEMP%\2b5rntty.out
- %TEMP%\2b5rntty.cmdline
- %WINDIR%\WMSys867.exe
- %TEMP%\2b5rntty.cmdline
- %TEMP%\2b5rntty.0.vb
- %TEMP%\2b5rntty.out
- %TEMP%\RES3.tmp
- %TEMP%\vbc2.tmp
- '20#.#6.232.182':80
- 20#.#6.232.182/
- DNS ASK www.microsoft.com
- ClassName: 'Shell_TrayWnd' WindowName: ''