Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'SafetyCenter' = 'c:\SafetyCenter\start.exe'
- [<HKLM>\SOFTWARE\Classes\CLSID\{459b6bf8-5320-4c41-8833-85baedf31086}\Shell\Open\Command] '' = 'c:\SafetyCenter\protector.exe'
- 'C:\SafetyCenter\tst.exe'
- '<SYSTEM32>\regsvr32.exe' /s ie.dll
- '<SYSTEM32>\mshta.exe' http://21#.#17.161.142/install.php?id#
- ICQ.exe
- firefox.exe
- C:\SafetyCenter\uninstall.exe
- C:\SafetyCenter\new.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\install[1].php
- C:\SafetyCenter\ie.dll
- C:\SafetyCenter\start.exe
- C:\SafetyCenter\main.ico
- C:\SafetyCenter\sound.wav
- C:\SafetyCenter\protector.exe
- C:\SafetyCenter\tst.exe
- '21#.#17.161.142':80
- 'localhost':1037
- 21#.#17.161.142/install.php?id#
- ClassName: 'HTML Application Host Window Class' WindowName: 'c71e7a0f-e634-4e08-8a6e-64709a09dd18'
- ClassName: 'MS_WINHELP' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'
- ClassName: 'TForm1' WindowName: 'Safety Center'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'