Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\AppMgmt] 'Start' = '00000000'
- [<HKLM>\SYSTEM\ControlSet001\Services\0C03317C] 'Start' = '00000002'
- <SYSTEM32>\appmgmts.dll
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://vb####46.3322.org/
- <SYSTEM32>\cmd.exe /c ""%TEMP%\65982e3e.bat" "
- %TEMP%\65982e3e.bat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\vb775846.3322[1]
- %TEMP%\stinst.log
- <SYSTEM32>\0C03317C.sys
- 'localhost':1038
- 'vb####46.3322.org':80
- vb####46.3322.org/cs/2.exe
- vb####46.3322.org/cs/3.exe
- vb####46.3322.org/cs/1.exe
- vb####46.3322.org/
- DNS ASK vb####46.3322.org
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''