Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'WebSystem' = '%PROGRAM_FILES%\WebSystem\web.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows Live Control' = '%PROGRAM_FILES%\WinLive\WCheck.exe'
- %PROGRAM_FILES%\WinLive\WCheck.exe
- %PROGRAM_FILES%\WebSystem\web.exe
- %PROGRAM_FILES%\WebSystem\web.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\data[1].xml
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\data[1].xml
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- %PROGRAM_FILES%\WinLive\WCheck.exe
- %TEMP%\$inst\2.tmp
- %TEMP%\$inst\temp_0.tmp
- 'sa####ehayir2.net':80
- 'sa####ehayir.net':80
- 'localhost':1035
- sa####ehayir2.net/site/data.xml
- sa####ehayir.net/site/data.xml
- DNS ASK sa####ehayir2.net
- DNS ASK sa####ehayir.net
- ClassName: 'Shell_TrayWnd' WindowName: ''