Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'MsiX10Net' = ''
- %WINDIR%\BUY32.INI
- %WINDIR%\MSIWEBINFODATA.INI
- %TEMP%\MSI.DAT
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\MSI[1].DAT
- %WINDIR%\Msi1.INI
- <Текущая директория>\Logfile.txt
- %WINDIR%\<Имя вируса>.INI
- <Текущая директория>\EventLog.txt
- %APPDATA%\Microsoft\Speech\Files\UserLexicons\SP_6B6F0FF1D29248B092134068925855B4.dat
- %WINDIR%\Msi1.INI
- 'www.mt##ys.com':80
- 'ft#.#tnsys.com':21
- www.mt##ys.com/updates/MSI.DAT
- DNS ASK ma##.mtnsys.com
- DNS ASK ft#.#tnsys.com
- DNS ASK www.dn##xit.com
- DNS ASK www.mt##ys.com
- ClassName: 'CicLoaderWndClass' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'