Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Sys' = '%WINDIR%\Regedit\Managers.exe'
- %WINDIR%\Regedit\SendMail-A.ocx
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\mswinsck[1].ocx
- %WINDIR%\Regedit\mswinsck.ocx
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\SendMail-A[1].ocx
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\Managers[1].exe
- %WINDIR%\Regedit\Managers.exe
- 'ha###t.ft2.org':80
- 'localhost':1035
- ha###t.ft2.org/mswinsck.ocx
- ha###t.ft2.org/SendMail-A.ocx
- ha###t.ft2.org/Managers.exe
- DNS ASK ha###t.ft2.org
- ClassName: 'Shell_TrayWnd' WindowName: ''