Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'win32101-199816600' = '%WINDIR%\win32101-199816600.exe'
- '%WINDIR%\win32101-199816600.exe'
- '%WINDIR%\ase.exe' forcereset
- <SYSTEM32>\MSINET.OCX
- %TEMP%\nsg2.tmp\System.dll
- %WINDIR%\win32101-199816600.exe
- %HOMEPATH%\Desktop\SearchUs.exe
- %WINDIR%\111uninst.exe
- %WINDIR%\Unist1.htm
- %WINDIR%\ase.exe
- %WINDIR%\uni_eh10.exe
- %WINDIR%\Uninst2.htm
- %TEMP%\nsg2.tmp\System.dll
- 'www.ad#####sementserver.com':80
- 'localhost':1039
- www.ad#####sementserver.com/mbop/index.php3?UI########################################################
- DNS ASK www.ad#####sementserver.com
- ClassName: 'Shell_TrayWnd' WindowName: ''