Техническая информация
- '%WINDIR%\Temp\Rpegx1x.exe' RESTORE HKLM\SYSTEM\CurrentControlSet\Services\ccosm %WINDIR%\temp\$$$201005051111.bak
- 'C:\sms1.exe'
- '%WINDIR%\Temp\Rpegx1x.exe' DELETE HKLM\SYSTEM\CurrentControlSet\Services\ccosm
- '%WINDIR%\Temp\Rpegx1x.exe' ADD HKLM\SYSTEM\CurrentControlSet\Services\ccosm
- 'C:\sms1.exe' (загружен из сети Интернет)
- '<SYSTEM32>\ping.exe' 127.0.0.1 -n 1
- '%WINDIR%\explorer.exe'
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\gz[1].exe
- C:\sms1.exe
- %WINDIR%\Temp\Rpegx1x.exe
- %WINDIR%\Temp\$$$201005051111.bak
- %WINDIR%\Temp\$$$201005051111.bak
- %WINDIR%\Temp\Rpegx1x.exe
- '06###.buo.cc':80
- 'localhost':1035
- 06###.buo.cc/down/gz.exe
- DNS ASK 06###.buo.cc