Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\WinSoundCenter] 'Start' = '00000002'
- '%WINDIR%\sleep.exe' 7
- '<SYSTEM32>\attrib.exe' -h "<Полный путь к вирусу>"
- '<SYSTEM32>\attrib.exe' -s "del /Q /a "s"\*.*
- '<SYSTEM32>\svchost.exe' -k msaudioagnt
- '<SYSTEM32>\cmd.exe' /c %TEMP%\\Deleteme.bat
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CJCTQ25G\usbman[1].jpg
- %WINDIR%\Temp\ojs0302_kosep.jpg
- <SYSTEM32>\soundagnt.dll
- %TEMP%\Deleteme.bat
- '21#.#45.131.130':80
- 'localhost':1036
- 21#.#45.131.130/usbman.jpg