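Техническая информация (индикаторы на заражённой системе: изменения реестра, запускаемые процессы, файлы и сетевая активность)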
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] 'IExploreUpdate' = '%PROGRAM_FILES%\Internet Explorer\Connection Wizard\iexplore.exe' (нештатное расположение: легитимный iexplore.exe находится в %PROGRAM_FILES%\Internet Explorer\)
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'ExploreUpdate' = '%PROGRAM_FILES%\Internet Explorer\Connection Wizard\iexplore.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'GrpConv' = 'grpconv -o'
- [<HKLM>\SOFTWARE\Classes\MSProgramGroup\Shell\Open\Command] '' = '<SYSTEM32>\grpconv.exe %1'
- [<HKLM>\SYSTEM\ControlSet001\Services\CtfmonSrver] 'Start' = '00000002' (значение 2 — автоматический запуск службы при загрузке системы)
- %WINDIR%\repair\svchost.exe (нештатное расположение: системный svchost.exe находится в <SYSTEM32>)
- <SYSTEM32>\grpconv.exe -o
- <SYSTEM32>\runonce.exe -r
- <SYSTEM32>\rundll32.exe setupapi,InstallHinfSection DefaultInstall 128 %WINDIR%\tmp_0_49_8.inf
- <SYSTEM32>\office\ctfmon.exe (нештатное расположение: системный ctfmon.exe находится непосредственно в <SYSTEM32>)
- %WINDIR%\tmp_0_49_8.inf
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\CAOPEFSH.asp
- %WINDIR%\Temp\webplayer_dll.exe
- %WINDIR%\repair\svchost.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\webplayer_dll[1].exe
- %TEMP%\~DF1ED4.tmp
- %WINDIR%\tmp_0_49_8.inf
- %WINDIR%\Temp\webplayer_dll.exe
- 'up###e.bskyb.cn':80
- 'localhost':1035
- up###e.bskyb.cn/update/download/webplayer_dll.exe
- DNS ASK up###e.bskyb.cn