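Техническая информация

Примечание: список приведён без заголовков разделов; в нём подряд идут запись автозапуска в реестре, процессы, пути к файлам, сетевые адреса, HTTP-запросы, DNS-запрос и класс окна. Символы «#» в именах узлов, IP-адресах и строках запросов, по-видимому, заменяют скрытые символы, поэтому такие значения не годятся для точного сопоставления как индикаторы.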
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'ttool' = '%WINDIR%\convpart.exe'
- %WINDIR%\convpart.exe /sd 2888
- %WINDIR%\Explorer.EXE
- iexplore.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\options[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\options[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\cmd[1]
- %WINDIR%\convpart.exe
- <SYSTEM32>\cacltvwr.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\options[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\cmd[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\options[1]
- 'in.###stat44.com':80
- '19#.#04.27.35':80
- 'localhost':1037
- in.###stat44.com/cgi-bin/options.cgi?us##################################################################################################
- 19#.#04.27.35/cgi-bin/options.cgi?us##################################################################################################
- 19#.#04.27.35/cgi-bin/cmd.cgi?us##################################################################################################
- DNS ASK in.###stat44.com
- ClassName: 'Indicator' WindowName: ''