Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\WinCOM] 'ImagePath' = '<SYSTEM32>\wincom.exe'
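- [<HKLM>\SYSTEM\ControlSet001\Services\WinCOM] 'Start' = '00000002' (start type 2 = automatic start: the WinCOM service, and with it the ImagePath executable, is launched at system startup)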
- <SYSTEM32>\wincom.exe
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CJCTQ25G\winint[2].exe
- C:\winsys.exe
- C:\winsys.inf
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\LBMMC3H3\winsys[1].inf
- C:\Documents and Settings\LocalService\Favorites\Desktop.ini
- <SYSTEM32>\wincom.exe
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CJCTQ25G\winint[1].exe
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CJCTQ25G\redir[1].0&ar=home
- C:\Documents and Settings\LocalService\Favorites\Desktop.ini
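- 'ff#.#esekl.info':80 (the '#' characters in this and the following host names, addresses and URLs appear to be redaction masks rather than literal characters, so these values cannot be matched verbatim)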
- '20#.#6.232.182':80
- 'localhost':1038
- http://ff#.#esekl.info/winsys.inf
- http://ff#.#esekl.info/winint.exe
- http://www.microsoft.com/isapi/redir.dll?pr################################## via 20#.#6.232.182
- DNS ASK ff#.#esekl.info
- DNS ASK www.microsoft.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''