Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Serverer] 'Start' = '00000002'
- <SYSTEM32>\cmd.exe /c ""%TEMP%\11.bat" "
- <SYSTEM32>\cmd.exe /c ""%TEMP%\00.bat" "
- <SYSTEM32>\svchost.exe -k "Serverer"
- %TEMP%\00.bat
- %TEMP%\11.bat
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CJCTQ25G\yiki2[1].txt
- %TEMP%\143796x.dll
- %TEMP%\RCX1.tmp
- <SYSTEM32>\win1423390c.dll
- %TEMP%\143796x.dll
- '14.#06.4.59':80
- 14.#06.4.59/ip/yiki2.txt