Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'xp_system' = '%WINDIR%\inet20019\services.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'xp_system' = '%WINDIR%\inet20019\services.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'run' = '%WINDIR%\inet20019\services.exe'
- %WINDIR%\system.ini
- AVGCTRL.EXE
- AVP.EXE
- AVP32.EXE
- AVPCC.EXE
- AVPM.EXE
- NAVAPW32.EXE
- ZONEALARM.EXE
- %WINDIR%\inet20019\services.exe
- 'pe###lgin.info':80
- 'br###uskas.info':80
- 'gr###ta.info':80
- http://pe###lgin.info/affcgi/try.fcgi?20###
- http://br###uskas.info/gallery20019/xpsystem/rxs.ini.php
- http://pe###lgin.info/gallery20019/xpsystem/rxs.ini.php
- http://gr###ta.info/gallery20019/xpsystem/rxs.ini.php
- DNS ASK pe###lgin.info
- DNS ASK br###uskas.info
- DNS ASK gr###ta.info
- ClassName: '' WindowName: '%ALLUSERSPROFILE%\Start Menu\Programs\Startup\Microsoft Office.hta'
- '%WINDIR%\inet20019\services.exe'