Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'MsnMsgr' = '<SYSTEM32>\msnmsgr.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\letsmoveagain] 'Start' = '00000000'
- <SYSTEM32>\reg.exe add "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run" /v MsnMsgr /t REG_SZ /d "<SYSTEM32>\msnmsgr.exe
- <SYSTEM32>\asd.tmpp
- <SYSTEM32>\msnmsgr.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\hosts[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\wiiinnnzzzz[1].sys
- <SYSTEM32>\wiiinnnzzzz.sys
- '66.#52.1.18':80
- 'localhost':1035
- 66.#52.1.18/life/hosts.txt
- 66.#52.1.18/life/wiiinnnzzzz.sys