Техническая информация
- %TEMP%\ivzlzusg\rundll32.exe a -r %USERNAME%_xls_28558.arj C:\Documents and Settings\*.xls?
- %TEMP%\ivzlzusg\rundll32.exe a -r %USERNAME%_fox_11217.arj %APPDATA%\Mozilla\Firefox\
- %TEMP%\TROJ_917.EXE
- %TEMP%\ivzlzusg\wxnvsdif.exe
- <SYSTEM32>\ftp.exe -n -s:vnfammfg.jpg
- <SYSTEM32>\taskkill.exe /im firefox.exe /f /t
- <SYSTEM32>\wscript.exe "%TEMP%\ivzlzusg\yhbdyrdj.vbs"
- <SYSTEM32>\cmd.exe /c ""%TEMP%\ivzlzusg\wmaykkfu.cmd" "
- firefox.exe
- %TEMP%\ivzlzusg\wxnvsdif.exe
- %TEMP%\ivzlzusg\rundll32.exe
- %TEMP%\ivzlzusg\ARJTEMP.$00
- %TEMP%\ivzlzusg\yhbdyrdj.vbs
- %TEMP%\TROJ_917.EXE
- %TEMP%\ivzlzusg\wmaykkfu.cmd
- %TEMP%\ivzlzusg\vnfammfg.jpg
- %TEMP%\ivzlzusg\ARJTEMP.$00
- 'c0###ack.vov.ru':21
- 'localhost':1035
- DNS ASK c0###ack.vov.ru
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'EDIT' WindowName: ''