Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\rpcsds] 'Start' = '00000002'
- '%TEMP%\KB989697.exe'
- '<SYSTEM32>\svchost.exe' -k netsvcs
- <SYSTEM32>\rpcxsds.dll
- %TEMP%\KB989697.exe
- <Текущая директория>\<Имя вируса>.wmv
- <SYSTEM32>\rpcxsds.dll
- %TEMP%\KB989697.exe
- 'jp###.kmip.net':809
- DNS ASK jp###.kmip.net
- ClassName: '' WindowName: ''
- ClassName: '\MSITPro::EventQueue' WindowName: ''
- ClassName: 'Type32_Main_Window' WindowName: ''
- ClassName: 'WMPlayerApp' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'ReBarWindow32' WindowName: ''
- ClassName: 'WMP9DeskBand' WindowName: 'WMP9DeskBand'