Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows Media Player Setup' = '"C:\Documents and Settings\wmsetup.exe" '
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows Media Player Setup' = '"C:\Documents and Settings\wmsetup.exe" '
- C:\Documents and Settings\wmsetup.exe and Settings\wmsetup.exe
- <SYSTEM32>\taskkill.exe /f /im wmsetup.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\lid[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\register[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\savedb[1].php
- C:\Documents and Settings\wmsetup.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\upd[1].txt
- %WINDIR%\Temp\~tmp86432.tmp
- %WINDIR%\Temp\~tmp86432.tmp
- 'x8##.kissme.in':80
- x8##.kissme.in/wm/register.php?id################
- x8##.kissme.in/wm/savedb.php?fi###################################################
- x8##.kissme.in/wm/upd.txt
- x8##.kissme.in/wm/lid.txt
- DNS ASK x8##.kissme.in
- ClassName: 'Indicator' WindowName: ''
- ClassName: '' WindowName: ''