Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Winlogon' = '%WINDIR%\csrss.exe'
- '%TEMP%\~2.exe'
- '%TEMP%\~1.exe'
- [<HKCU>\Software\Microsoft\MSNMessenger]
- [<HKCU>\Software\Microsoft\MessengerService]
- %WINDIR%\hosts.txt
- %WINDIR%\dir
- %TEMP%\~1.exe
- %TEMP%\~2.exe
- DNS ASK de######ratumsn.no-ip.org
- ClassName: 'Shell_TrayWnd' WindowName: ''