Техническая информация
- C:\sms1.exe (загружен из сети Интернет)
- %WINDIR%\Temp\Rmeixoem.exe RESTORE HKLM\SYSTEM\CurrentControlSet\Services\ccosm %WINDIR%\temp\2009113239328mmt#.bak ADD HKLM\SYSTEM\CurrentControlSet\Services\ccosm DELETE HKLM\SYSTEM\CurrentControlSet\Services\ccosm
- <SYSTEM32>\ping.exe 127.0.0.1 -n 1
- %WINDIR%\explorer.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\3d[1].exe
- C:\sms1.exe
- %WINDIR%\Temp\Rmeixoem.exe
- %WINDIR%\Temp\2009113239328mmt#.bak
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\3d[1].exe
- %WINDIR%\Temp\2009113239328mmt#.bak
- %WINDIR%\Temp\Rmeixoem.exe
- '56#.lcn.cc':80
- 'localhost':1036
- 56#.lcn.cc/down/3d.exe
- DNS ASK 56#.lcn.cc