Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\usbctl] 'Start' = '00000002'
- <SYSTEM32>\usbctl.exe
- <SYSTEM32>\cmd.exe /c ""%TEMP%\~F1783AC124DE123.bat" "
- [<HKCU>\SOFTWARE\Far2\Plugins\FTP\Hosts]
- %TEMP%\~F1783AC124DE123.bat
- %ALLUSERSPROFILE%\Application Data\AF149238CEF2A859E9A
- %ALLUSERSPROFILE%\Application Data\4719AF82BBCD1946FFE
- <SYSTEM32>\usbctl.exe
- %ALLUSERSPROFILE%\Application Data\4719AF82BBCD1946FFE
- '98.##3.147.252':80
- 'ns.#k2.net':53
- DNS ASK www.we#.de
- DNS ASK www.ya##o.com
- DNS ASK ns.#k2.net