Техническая информация
- '<SYSTEM32>\TempWeb\services.exe' 482746164
- '<SYSTEM32>\TempWeb\services.exe' (загружен из сети Интернет)
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\TempWeb\SYSTEM32\scrrun.dll
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\TempWeb\SYSTEM32\scrobj.dll
- <Текущая директория>\scrrun.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\services[1].exe
- <SYSTEM32>\TempWeb\services.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\scrrun[1].dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\scrobj[1].dll
- <Текущая директория>\scrobj.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\services[1].exe
- %TEMP%\~DFAAEB.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\scrobj[1].dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\scrrun[1].dll
- 'www.ic###oft.net':80
- 'localhost':1036
- www.ic###oft.net/icom/freeware/services.exe
- www.ic###oft.net/icom/freeware/scrrun.dll
- www.ic###oft.net/icom/freeware/scrobj.dll
- DNS ASK www.ic###oft.net
- ClassName: '(null)' WindowName: '??? ?????'
- ClassName: '(null)' WindowName: 'Software Service Center'