Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\6to4] 'Start' = '00000002'
- %WINDIR%\Explorer.EXE
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Y1C1QR4Z\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\GQIBK3HQ\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\RK9G7YUJ\info[1].htm
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\A3WNQJUF\desktop.ini
- %TEMP%\<Имя вируса>.dll
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\RK9G7YUJ\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Y1C1QR4Z\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\GQIBK3HQ\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\RK9G7YUJ\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\A3WNQJUF\desktop.ini
- 'up####.cat-om.com':80
- up####.cat-om.com/info.htm
- DNS ASK up####.cat-om.com