Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Userinit' = '<SYSTEM32>\userinit.exe,%WINDIR%\system\winlogon.exe'
- %WINDIR%\system\winlogon.exe
- %WINDIR%\regedit.exe /s %WINDIR%\system\install.reg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\ya[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\ver[1].txt
- %WINDIR%\system\winlogon.exe
- %WINDIR%\system\install.reg
- %WINDIR%\system\install.reg
- 'as###o.narod.ru':80
- '93.##8.134.3':80
- 'localhost':1035
- as###o.narod.ru/ver.txt?ra############
- 93.##8.134.3/
- DNS ASK as###o.narod.ru
- DNS ASK ya.ru
- ClassName: 'RegEdit_RegEdit' WindowName: ''