Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\bbbc] 'Start' = '00000002'
- '%TEMP%\MIS_808_0.EXE'
- '<SYSTEM32>\rundll32.exe' %CommonProgramFiles%\hhhi\ooop.dll,Service
- %CommonProgramFiles%\hhhi\lllm.dll
- %CommonProgramFiles%\hhhi\jjjk.ini
- %CommonProgramFiles%\hhhi\ooop.dll
- %TEMP%\invison.exe
- %CommonProgramFiles%\hhhi\gggh.ini
- %CommonProgramFiles%\hhhi\eeef.ini
- %TEMP%\MIS_808_0.EXE
- C:\~de2.tmp
- %TEMP%\MIS_808_0.EXE в C:\~de2.tmp
- %TEMP%\invison.exe в %TEMP%\MIS_808_0.EXE
- DNS ASK up####.borlander.cn
- DNS ASK ac####.borlander.com.cn
- ClassName: '_mms_wnd_' WindowName: '_mms_wnd_'