Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Userinit' = '<SYSTEM32>\userinit.exe,%WINDIR%\system\winlogon.exe'
- '%WINDIR%\system\winlogon.exe'
- '%WINDIR%\regedit.exe' /s %WINDIR%\system\install.reg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ya[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\ver[1].txt
- %WINDIR%\system\install.reg
- %WINDIR%\system\winlogon.exe
- %TEMP%\~DFD0AF.tmp
- %WINDIR%\system\install.reg
- 'st####x.narod.ru':80
- '93.##8.134.3':80
- 'localhost':1036
- st####x.narod.ru/ver.txt?ra############
- 93.##8.134.3/
- DNS ASK st####x.narod.ru
- DNS ASK ya.ru
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'RegEdit_RegEdit' WindowName: '(null)'