Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\SSDTMon] 'Start' = '00000002'
- <SYSTEM32>\cmd.exe /c c:\Link.bat
- <SYSTEM32>\svchost.exe -k SSDTMon
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CJCTQ25G\Timesvc[1].dll
- <SYSTEM32>\Timesvc.dll
- <SYSTEM32>\usrouji.dat
- <SYSTEM32>\SSDDT.dll
- C:\Link.bat
- 'www.as###2008.net':80
- 'localhost':1035
- www.as###2008.net/wind/update/Timesvc.dll
- DNS ASK www.as###2008.net