Техническая информация
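Записи реестра (ключи Run в HKLM и HKCU обеспечивают автозапуск при входе в систему; запись dllfile\shell\open\command задаёт команду открытия для типа файлов dllfile):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'msini' = '%WINDIR%\ini\msini.exe'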
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'msini' = '%WINDIR%\ini\msini.exe'
- [<HKLM>\SOFTWARE\Classes\dllfile\shell\open\command] '' = 'rundll32.exe'
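Файловые индикаторы (подзаголовки списков в этой копии страницы отсутствуют, поэтому, по-видимому, одни и те же пути повторяются; какое действие относится к каждому вхождению, отсюда определить нельзя. %WINDIR%\Explorer.EXE — штатный системный файл Windows и сам по себе индикатором не служит; имя подкаталога в Content.IE5 на каждой системе своё, поэтому при поиске стоит опираться на имена файлов logger[1].php и ip[1].txt):
- %WINDIR%\ini\msini.exe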
- %WINDIR%\Explorer.EXE
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\logger[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ip[1].txt
- %WINDIR%\ini\msini32.sys
- C:\~tmp5972.tmp
- %WINDIR%\ini\msini.exe
- %WINDIR%\ini\msini32.sys
- %WINDIR%\ini\msini.exe
- C:\~tmp5972.tmp
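Сетевые индикаторы (символы «#» в именах хостов и в параметрах запроса — по-видимому, маскировка, внесённая источником; полные значения на странице не приведены):
- 'sh#.perl.sh':443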
- 'my##m.wo.tc':80
- my##m.wo.tc/nr/ip.txt
- my##m.wo.tc/nr/logger.php?ac#################################################################################################################
- DNS ASK sh#.perl.sh
- DNS ASK my##m.wo.tc
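Окна (класс и заголовок; Shell_TrayWnd — стандартный класс окна панели задач Windows, поэтому отдельно от остальных признаков он не показателен):
- ClassName: 'Indicator' WindowName: ''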
- ClassName: 'Shell_TrayWnd' WindowName: ''