Technical information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'msseces' = '{800B7F52-DC36-45C8-81D2-934505BD0B0C}'
- '%WINDIR%\explorer.exe'
- %WINDIR%\Explorer.EXE
- C:\ProgramData\Java\jre6\bin\jcfg.pdb
- C:\ProgramData\Java\jre6\bin\readme.txt
- C:\ProgramData\Java\jre6\bin\jwdeploy.dll
- C:\ProgramData\Java\jre6\bin\readme.txt
- %TEMP%\qqw1.tmp
- C:\ProgramData\Java\jre6\bin\jcfg.pdb to %TEMP%\qqw2.tmp
- C:\ProgramData\Java\jre6\bin\jcfg.pdb to %TEMP%\qqw1.tmp
- C:\ProgramData\Java\jre6\bin\jcfg.pdb
- from <Full path to file> to <Current directory>\err_3_244_1998166001_32.pdb
- 'wo###33d.biz':80
- http://wo###33d.biz/btsCmd/qrqweZ0p8r.php
- DNS ASK wo###33d.biz
- ClassName: 'SunAwtDialog' WindowName: 'Вхiд в систему'
- ClassName: 'SunAwtDialog' WindowName: '??i? ? ???????'
- ClassName: 'SunAwtDialog' WindowName: 'Вход в систему'
- ClassName: 'SunAwtDialog' WindowName: '???? ? ???????'
- ClassName: 'SunAwtFrame' WindowName: 'Вхiд в систему'
- ClassName: 'SunAwtFrame' WindowName: '??i? ? ???????'
- ClassName: 'SunAwtFrame' WindowName: 'Вход в систему'
- ClassName: 'SunAwtFrame' WindowName: '???? ? ???????'