Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Ias] 'Start' = '00000002'
- 'C:\ss.scr' /S
- '<SYSTEM32>\regini.exe' <SYSTEM32>\tmphan.log
- '<SYSTEM32>\svchost.exe' -k netsvcs
- <SYSTEM32>\tmphan.log
- <SYSTEM32>\WinX86.log
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CJCTQ25G\1[1].jpg
- %TEMP%\kb-240078.tmp
- %TEMP%\kb-236125.tmp
- %TEMP%\kb-236875.tmp
- %TEMP%\kb-237734.tmp
- %TEMP%\kb-237734.tmp в C:\ss.scr
- %TEMP%\kb-240078.tmp в %TEMP%\ui240078.tmp
- %TEMP%\kb-236125.tmp в %WINDIR%\ime\$MicoroSoft~X86.cpl
- %TEMP%\kb-236875.tmp в <SYSTEM32>\DUData.dll
- 'jj.##77888.com':80
- jj.##77888.com/temp/1.jpg
- DNS ASK jj.##77888.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'