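Техническая информация
Ниже приведён перечень наблюдаемых индикаторов без заголовков групп (по-видимому, в этой копии страницы они не сохранились): записи автозапуска в ключах Run, процесс regsvr32.exe, изменения параметров зон безопасности Internet Explorer (Zones\1 и Zones\3), файлы на диске и сетевые обращения. Обозначения вида <HKCU>, <HKLM>, <LS_APPDATA>, <SYSTEM32>, <INETFILES> — подстановочные имена путей и разделов реестра, а символы # в адресах и именах узлов — маскировка, присутствующая в исходном тексте; такие значения неполны и не годятся для точного сопоставления.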
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'db31c9b' = '"<LS_APPDATA>\sica\sica.exe"'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'db31c9b' = '"<LS_APPDATA>\sica\sica.exe"'
- '<SYSTEM32>\regsvr32.exe'
- <SYSTEM32>\regsvr32.exe
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1] '1206' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1] '2300' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1] '1809' = '00000003'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1206' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '2300' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1809' = '00000003'
- %APPDATA%\System.dll
- <LS_APPDATA>\sica\sica.exe
- %HOMEPATH%\Local Settings\<INETFILES>\Content.IE5\KHMHGZ4F\microsoft[1]
- %APPDATA%\rival.dll
- %TEMP%\nsf2.tmp
- %APPDATA%\VertebraSquiredom
- %APPDATA%\section.level1.properties.xml
- '57.#5.4.251':80
- '20#.#6.232.182':80
- '97.##7.36.94':443
- '13#.#6.157.49':80
- '14#.#1.118.14':80
- http://do#####d.microsoft.com/download/E/C/E/ECE99583-2003-455D-B681-68DB610B44A4/WindowsXP-KB968930-x86-ENG.exe via 20#.#6.232.182
- http://microsoft.com/ via 20#.#6.232.182
- DNS ASK do#####d.microsoft.com
- DNS ASK microsoft.com