Техническая информация
- <SYSTEM32>\dllcache\spoolsv.exe файлом <SYSTEM32>\dllcache\spoolsv.exe.new
- <SYSTEM32>\spoolsv.exe файлом <SYSTEM32>\spoolsv.exe.new
- <SYSTEM32>\spoolsv.exe
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\3RLKW7HF\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\LBAKEJ76\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\CDQNS1IJ\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2LI2A7YC\desktop.ini
- %TEMP%\1.tmp
- %WINDIR%\Temp\2.tmp
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\LBAKEJ76\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\CDQNS1IJ\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2LI2A7YC\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\3RLKW7HF\desktop.ini
- %WINDIR%\Temp\2.tmp
- %TEMP%\1.tmp
- <SYSTEM32>\spoolsv.exe в %WINDIR%\Temp\4.tmp
- из <Полный путь к вирусу> в %TEMP%\3.tmp
- '85.##.237.229':8888