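Техническая информация
Ниже перечислены индикаторы без подзаголовков (они, по-видимому, утрачены при извлечении текста): служба с автоматическим запуском ('Start' = 2), запускаемые процессы, затронутые файлы, сетевое подключение и DNS-запрос, поиск окна. Повторяющиеся пути к файлам, вероятно, относятся к разным файловым операциям (создание, удаление, перемещение); по этому тексту определить, к какой именно, нельзя.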
- [<HKLM>\SYSTEM\ControlSet001\Services\jgsd4005e96] 'Start' = '00000002'
- <SYSTEM32>\rundll32.exe "%CommonProgramFiles%\Microsoft Shared\MSInfo\jgsd4005e96.dll",ServiceBoot
- <SYSTEM32>\wscript.exe ""%TEMP%\bd2_5052.vbs"" //B //Nologo
- %CommonProgramFiles%\Microsoft Shared\MSInfo\RCX2.tmp
- %CommonProgramFiles%\Microsoft Shared\MSInfo\jgsd4005e96.ini
- %TEMP%\bd2_5052.vbs
- %CommonProgramFiles%\Microsoft Shared\MSInfo\jgsd4005e96.dll
- %ALLUSERSPROFILE%\DebugLog.log
- %TEMP%\83f_2890.dll
- %TEMP%\RCX1.tmp
- %TEMP%\bd2_5052.vbs
- %CommonProgramFiles%\Microsoft Shared\MSInfo\jgsd4005e96.ini
- %TEMP%\83f_2890.dll
- %CommonProgramFiles%\Microsoft Shared\MSInfo\jgsd4005e96.dll
- 'xi####9.3322.org':443
- DNS ASK xi####9.3322.org
- ClassName: 'Shell_TrayWnd' WindowName: ''