Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 'AppInit_DLLs' = '%WINDIR%\mssys.dll'
- '%TEMP%\cleantag22.exe'
- '%TEMP%\cleantag22.sfx.exe' -p5555 -d%HOMEPATH%\Local Settings\Temp
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\cln.bat" "
- %TEMP%\cleantag22.exe
- %WINDIR%\mssys.dll
- %TEMP%\cleantag22.sfx.exe
- %TEMP%\cln.bat
- 'http://st###erok.tk/dd2/':80
- http://st###erok.tk/dd2//data/inex.php
- DNS ASK http://st###erok.tk/dd2/
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'