Техническая информация
- '<SYSTEM32>\winlogon.exe'
- <SYSTEM32>\winlogon.exe
- %TEMP%\14f2.tmp
- %TEMP%\14f3.tmp
- <SYSTEM32>\GBPassMode.dll
- %TEMP%\14f1.tmp
- %TEMP%\14f3.tmp
- %TEMP%\14f2.tmp
- %TEMP%\14f1.tmp
- '12#.#25.114.144':80
- 'www.hh##.info':80
- 'localhost':1039
- http://www.ba##u.com/ via 12#.#25.114.144
- http://www.hh##.info/
- DNS ASK www.ba##u.com
- DNS ASK ku####cf.8800.org
- DNS ASK www.hh##.info
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''