Техническая информация
- %WINDIR%\system\bibi.exe
- %WINDIR%\system\sendtill.exe
- %WINDIR%\carrega.bat
- %WINDIR%\system\logwabs.exe
- %WINDIR%\system\bibi.exe (загружен из сети Интернет)
- %WINDIR%\system\sendtill.exe (загружен из сети Интернет)
- %WINDIR%\system\logwabs.exe (загружен из сети Интернет)
- %WINDIR%\carrega.bat (загружен из сети Интернет)
- <SYSTEM32>\regsvr32.exe /s %WINDIR%\WindowsShell.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\7[1].txt
- %WINDIR%\carrega.bat
- %WINDIR%\system\sendtill.exe
- %WINDIR%\system\bibi.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\4[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\3[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\1[1].txt
- %WINDIR%\WindowsShell.dll
- %WINDIR%\system\logwabs.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\2[1].txt
- 'ca#.##niutil.com':80
- 'localhost':1036
- ca#.##niutil.com/demo,/7.txt
- ca#.##niutil.com/demo,/4.txt
- ca#.##niutil.com/demo,/3.txt
- ca#.##niutil.com/demo,/1.txt
- ca#.##niutil.com/demo,/2.txt
- DNS ASK ca#.##niutil.com