Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Userinit' = '<SYSTEM32>\userinit.exe,C:\DOCUME~1\%USERNAME%\LOCALS~1\Temp\bldjad.exe'
- %TEMP%\bldjad.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\calc[1].php
- '19#.#05.174.114':80
- http://19#.#05.174.114/calc.php