Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Ias] 'Start' = '00000002'
- <SYSTEM32>\rundll32.exe iasrv.dll,RundllInstall IAS
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\SI7E0MEL\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\1INTXHKD\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\IP2FAN6V\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\O56FGDYR\desktop.ini
- <SYSTEM32>\mssvr.dll
- <SYSTEM32>\iasrv.dll
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\1INTXHKD\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\IP2FAN6V\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\O56FGDYR\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\SI7E0MEL\desktop.ini
- <SYSTEM32>\mssvr.dll
- 'www.to###member.com':80
- www.to###member.com/kys_allow_get.asp?na#############
- DNS ASK www.to###member.com