Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'HRV' = '%APPDATA%\JPB\svchost.exe s'
- %APPDATA%\JPB\svchost.exe s
- [<HKCU>\Software\Microsoft\MSNMessenger]
- [<HKCU>\Software\Microsoft\MessengerService]
- %APPDATA%\JPB\OEAcc.tlb
- %APPDATA%\JBD\lkg.xva
- %APPDATA%\JBD\ppy.mdj
- %APPDATA%\JPB\svchost.exe
- %APPDATA%\JPB\ipstore.tlb
- %TEMP%\~DFA166.tmp
- 'www.is###133.com':80
- '74.##5.232.51':80
- www.is###133.com/index.php?cm#########################################
- DNS ASK www.is###133.com
- DNS ASK www.google.com
- '<IP-адрес в локальной сети>':1035
- ClassName: 'Indicator' WindowName: ''