Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Windows Monitor Manager] 'Start' = '00000002'
- '%WINDIR%\internat.exe'
- '<SYSTEM32>\ping.exe' -n 1 localhost
- '<SYSTEM32>\cmd.exe' /c %WINDIR%\xox.bat
- '<SYSTEM32>\regsvr32.exe' <SYSTEM32>\NTSVC.ocx /s
- %WINDIR%\xox.bat
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CJCTQ25G\fuck[1]
- <SYSTEM32>\NTSVC.ocx
- %WINDIR%\internat.exe
- %WINDIR%\internat.exe
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CJCTQ25G\fuck[1]
- %TEMP%\~DF2F16.tmp
- 'fu##.jpg':80
- 'localhost':1036
- fu##.jpg/
- DNS ASK fu##.jpg
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'