Техническая информация
- '<SYSTEM32>\net1.exe' stop MsMpSvc
- '<SYSTEM32>\net.exe' stop MsMpSvc
- %TEMP%\decfiranhncorpdsview.exe
- %TEMP%\del31b2a.bat
- <DRIVERS>\firanhncorpds.sys
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\firw[1].gif
- <DRIVERS>\firanhncorpds.sys
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\firw[1].gif
- '1.###.31.155':80
- 1.###.31.155/mii/firw.gif