Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Microsoft.exe' = 'Microsoft.exe'
- <Имя диска съемного носителя>:\autorun.inf
- <Имя диска съемного носителя>:\Memory\Drivers\Microsoft.exe
- <Имя диска съемного носителя>:\Memory\Drivers\Desktop.ini
- %WINDIR%\Microsoft.exe
- ClassName: 'MSNHiddenWindowClass' WindowName: ''
- %WINDIR%\Microsoft.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\a[1].php
- <SYSTEM32>\qwdijxxixojdxf.tmp
- <Имя диска съемного носителя>:\Memory\Drivers\Microsoft.exe
- %WINDIR%\Microsoft.exe
- 'te##dos.org':51987
- 'ri####ngdialer.info':80
- 'localhost':1037
- ri####ngdialer.info/Storm/a.php?u=#
- DNS ASK te##dos.org
- DNS ASK ri####ngdialer.info
- ClassName: '' WindowName: '?Torrent'
- ClassName: '' WindowName: '?Torrent 1.9.0'
- ClassName: '' WindowName: '?Torrent 1.8.9'
- ClassName: '#32770' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'SysListView32' WindowName: ''
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: '' WindowName: '?Torrent 1.8.8'
- ClassName: '' WindowName: '?Torrent 1.8.3'
- ClassName: '' WindowName: '?Torrent 1.8.2'
- ClassName: '' WindowName: '?Torrent 1.8.1'
- ClassName: '' WindowName: '?Torrent 1.8.4'
- ClassName: '' WindowName: '?Torrent 1.8.7'
- ClassName: '' WindowName: '?Torrent 1.8.6'
- ClassName: '' WindowName: '?Torrent 1.8.5'