Техническая информация
- %HOMEPATH%\iene8.exe
- %HOMEPATH%\msnmsns.exe
- <SYSTEM32>\config\gr1811fdbnh.exe
- %HOMEPATH%\iene8.exe (загружен из сети Интернет)
- %HOMEPATH%\msnmsns.exe (загружен из сети Интернет)
- <SYSTEM32>\rundll32.exe <SYSTEM32>\shell32.dll,OpenAs_RunDLL <SYSTEM32>\config\gr1811fdbnh.pps
- <SYSTEM32>\cmd.exe /c ""<SYSTEM32>\config\gr1811fdbnh.bat" "
- %HOMEPATH%\msnmsns.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\17-evertimeiseeyou[1].mp3
- %HOMEPATH%\iene8.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\16-billionare[1].mp3
- <SYSTEM32>\config\gr1811fdbnh.pps
- <SYSTEM32>\config\gr1811fdbnh.bat
- <SYSTEM32>\config\gr1811fdbnh.exe
- 'ro####olliltda.com':80
- 'localhost':1035
- ro####olliltda.com/04022011/16-billionare.mp3
- ro####olliltda.com/04022011/17-evertimeiseeyou.mp3
- DNS ASK ro####olliltda.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''