Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Ias] 'Start' = '00000002'
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\585FE7S8\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\3ETQYBMX\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EJKL01KP\592401676[1].txt
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\CTENG5M7\desktop.ini
- %TEMP%\209171.tmp
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EJKL01KP\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\585FE7S8\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\3ETQYBMX\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\CTENG5M7\desktop.ini
- <SYSTEM32>\Ias.exe
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EJKL01KP\desktop.ini
- %TEMP%\209171.tmp в <SYSTEM32>\Ias.exe
- 'www.hb##vip.cn':80
- www.hb##vip.cn/hbf???#################
- DNS ASK www.hb##vip.cn