Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\6to4] 'Start' = '00000002'
- <DRIVERS>\beep.sys
- файл <SYSTEM32>\dllcache\beep.sys заменяется файлом <SYSTEM32>\dllcache\beep.sys.new
- '%TEMP%\setup.exe'
- '%TEMP%\server.exe'
- '%TEMP%\actmovie.exe'
- <SYSTEM32>\GroupPolicy\gpt.ini
- <SYSTEM32>\GroupPolicy\user\Scripts\script.ini
- %TEMP%\256843.gho
- %WINDIR%\Temp\svchost.exe
- %TEMP%\actmovie.exe
- %TEMP%\server.exe
- %TEMP%\setup.exe
- <SYSTEM32>\config\SysEvent.Evt
- %TEMP%\setup.exe
- <SYSTEM32>\config\AppEvent.Evt
- <SYSTEM32>\config\SecEvent.Evt
- из %TEMP%\256843.gho в <SYSTEM32>\nt6to4.dll
- из <SYSTEM32>\GroupPolicy\user\Scripts\script.ini в <SYSTEM32>\GroupPolicy\user\Scripts\scripts.ini
- '17####6724.3322.org':80
- '17####6724.3322.org':8080
- DNS-запрос (DNS ASK): 17####6724.3322.org