Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'MServ' = '%WINDIR%\MsServices.exe'
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- %ProgramFiles%\Windows Loader\How to use.txt
- %ProgramFiles%\Windows Loader\Keys
- %ProgramFiles%\Windows Loader\Keys.ini
- %ProgramFiles%\Windows Loader\Load
- %ProgramFiles%\Windows Loader\Read me.txt
- %ProgramFiles%\Windows Loader\Windows Loader.exe
- %WINDIR%\MsServices.exe
- C:\SysLogs\chkdskLogs.tgm
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\KHMHGZ4F\kusmoliko[2]
- %TEMP%\$inst\temp_0.tmp
- %TEMP%\$inst\2.tmp
- 'localhost':1037
- 'localhost':1038
- 'ad#.ly':80
- 'wp#d':80
- 'fe###oder.net':80
- http://ad#.ly/4091964/kusmoliko
- http://11#.#11.111.2/wpad.dat via wp#d
- http://fe###oder.net/testfile
- DNS ASK ad#.ly
- DNS ASK wp#d
- DNS ASK fe###oder.net
- ClassName: 'STATIC' WindowName: 'q3TDgcZ4p2up0Z77amQP 00000B44'
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- '%ProgramFiles%\Windows Loader\Windows Loader.exe'
- '%WINDIR%\MsServices.exe'