Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Host Generic Process] 'ImagePath' = '<DRIVERS>\svchost.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\Host Generic Process] 'Start' = '00000002'
- '%ProgramFiles%\ini.exe' -p911 -d%HOMEPATH%\Local Settings\Temp
- '%TEMP%\build.exe'
- '<DRIVERS>\svchost.exe'
- '%ProgramFiles%\link.exe'
- '%ProgramFiles%\ESW ULTRA B1016.exe'
- '<SYSTEM32>\cmd.exe' /c ""%ProgramFiles%\ini.bat" "
- %TEMP%\build.exe
- <DRIVERS>\svchost.exe
- C:\Documents and Settings\LocalService\Local Settings\Application Data\sLT.exf
- %ProgramFiles%\ini.exe
- %ProgramFiles%\ESW ULTRA B1016.exe
- %ProgramFiles%\link.exe
- %ProgramFiles%\ini.bat
- 'dl.##hack.ru':80
- http://dl.##hack.ru/fastcgi/
- DNS ASK dl.##hack.ru
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''