Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'F2DayUpdate' = '%PROGRAM_FILES%\F2Day\f2dux.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'F2Day' = '%PROGRAM_FILES%\F2Day\f2dupdater.exe'
- %PROGRAM_FILES%\F2Day\f2dux.exe (загружен из сети Интернет)
- <SYSTEM32>\cmd.exe /c \DelUS.bat
- %PROGRAM_FILES%\F2Day\f2dux.exe
- %PROGRAM_FILES%\F2Day\f2dupdater.exe
- %HOMEPATH%\Start Menu\ЗБ·О±Ч·Ґ\F2Day\ЗКЕхµҐАМ №Щ·О°Ў±в.lnk
- C:\DelUS.bat
- %HOMEPATH%\Desktop\ЗКЕхµҐАМ №Щ·О°Ў±в.lnk
- %PROGRAM_FILES%\F2Day\f2dico.ico
- %WINDIR%\f2ddat.dat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\f2ddat[1].dat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\icc[1].php
- %PROGRAM_FILES%\F2Day\f2ddel.exe
- %PROGRAM_FILES%\F2Day\f2dmain.exe
- %WINDIR%\f2ddat.dat
- 'do##.#eel2day.com':80
- 'localhost':1035
- do##.#eel2day.com/main/hdday02/f2dico.ico
- do##.#eel2day.com/main/hdday02/f2dupdater.exe
- do##.#eel2day.com/main/hdday02/f2dux.exe
- do##.#eel2day.com/main/hdday02/f2ddel.exe
- do##.#eel2day.com/main/hdday02/f2ddat.dat
- do##.#eel2day.com/ap_cnt/icc.php?&p#################################
- do##.#eel2day.com/main/hdday02/f2dmain.exe
- DNS ASK do##.#eel2day.com