Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'sc service' = '%CommonProgramFiles%\update\2008.exe'
- <SYSTEM32>\cmd.exe /c <SYSTEM32>\_aa.bat
- %CommonProgramFiles%\update\2008.exe
- <SYSTEM32>\_aa.bat
- <SYSTEM32>\982056
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\lin[1].asp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\1[1].txt
- <SYSTEM32>\982056
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\1[1].txt
- 'do##.a38q.cn':80
- 'localhost':1037
- '1.##8q.cn':80
- do##.a38q.cn/down/1.txt
- 1.##8q.cn/mydown/lin.asp
- DNS ASK do##.a38q.cn
- DNS ASK 1.##8q.cn
- ClassName: 'Indicator' WindowName: ''