Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\TrkWks] 'ImagePath' = '<SYSTEM32>\msapis.exe -k'
- [<HKLM>\SYSTEM\ControlSet001\Services\TrkWks] 'Start' = '00000002'
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CJCTQ25G\board[1].php
- %WINDIR%\Temp\~Desd542.tmp
- %TEMP%\~df1.tmp
- <SYSTEM32>\msapis.exe
- 'www.ko###hunter.net':80
- 'localhost':1037
- http://www.ko###hunter.net/a/upload/board.php
- DNS ASK www.ko###hunter.net
- ClassName: '1E966C03-F472-498d-9BA1-97F39E614625' WindowName: ''
- ClassName: '78ED2503-2832-40fa-A66C-B3393A6664D4' WindowName: ''
- ClassName: '49B46336-BA4D-4905-9824-D282F05F6576' WindowName: ''