Техническая информация
- '%PROGRAM_FILES%\NetMeeting\winhlp.exe'
- %TEMP%\nse3.tmp\Processes.dll
- %PROGRAM_FILES%\NetMeeting\winhlp.exe
- %TEMP%\nse3.tmp\InstallOptions.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\cl[1].php
- <SYSTEM32>\somarshal.dat
- %PROGRAM_FILES%\NetMeeting\WndHook.dll
- %TEMP%\nse3.tmp\ioSpecial.ini
- %TEMP%\nse2.tmp
- %TEMP%\nse3.tmp\modern-wizard.bmp
- %PROGRAM_FILES%\NetMeeting\httpapi.dll
- %TEMP%\nse3.tmp\KillProcDLL.dll
- 'r.###ntech.com':1207
- 'cl.###system.com':80
- 'localhost':1040
- cl.###system.com/cl.php?fi#######################################################
- DNS ASK r.###ntech.com
- DNS ASK cl.###system.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'