Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Dfs] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\ncio] 'Start' = '00000002'
- '%WINDIR%\cacls.exe'
- '<SYSTEM32>\Dfssvr.exe'
- iexplore.exe
- <SYSTEM32>\Dfssvr.exe
- %WINDIR%\cacls.exe
- <SYSTEM32>\Dfssvr.exe
- %WINDIR%\Temp\IMTSI.xml
- %WINDIR%\Temp\Tmp2.tmp
- %WINDIR%\dataacess.dll
- %WINDIR%\cacls.exe
- %WINDIR%\Temp\IMTFT.xml
- <DRIVERS>\filter.rar
- %TEMP%\Tmp1.tmp
- <DRIVERS>\ncio.sys
- %WINDIR%\Temp\filter.rar
- %WINDIR%\Temp\IMTCM.xml
- %TEMP%\Tmp1.tmp
- %WINDIR%\Temp\Tmp2.tmp
- <DRIVERS>\filter.rar
- %WINDIR%\Temp\filter.rar
- 'sx.##wcell.cn':80
- sx.##wcell.cn/service.asmx
- DNS ASK sx.##wcell.cn
- ClassName: 'Shell_TrayWnd' WindowName: ''