Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Ias] 'Start' = '00000002'
- '<SYSTEM32>\regini.exe' <SYSTEM32>\tmphan.log
- '<SYSTEM32>\svchost.exe' -k netsvcs
- '%WINDIR%\explorer.exe' C:\
- <SYSTEM32>\WinX86.log
- %TEMP%\kb-207468.tmp
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CJCTQ25G\5[1].jpg
- <SYSTEM32>\tmphan.log
- %TEMP%\kb-200843.tmp
- <SYSTEM32>\bak8011252.log
- %TEMP%\kb-202421.tmp
- %TEMP%\kb-201734.tmp
- <SYSTEM32>\WinX86.log
- %TEMP%\kb-202421.tmp в <SYSTEM32>\DUData.dll
- %TEMP%\kb-207468.tmp в %TEMP%\ui207468.tmp
- %TEMP%\kb-200843.tmp в %WINDIR%\ime\$MicoroSoft~X86.cpl
- %TEMP%\kb-201734.tmp в <SYSTEM32>\MSIMM.ISO
- 'jj.#ml.cn':80
- jj.#ml.cn/temp/5.jpg
- DNS ASK jj.#ml.cn
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'CicLoaderWndClass' WindowName: '(null)'
- ClassName: '' WindowName: '(null)'