Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\6to4] 'Start' = '00000002'
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\E117OVXD\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\L1234527\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\W5ERCHAJ\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MBWZ4NQP\desktop.ini
- %TEMP%\sSarCqgKEeReh
- %TEMP%\nsn2.tmp
- <SYSTEM32>\6to432.dll
- %TEMP%\nsm3.tmp\ntWjJptvEAL.dll
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MBWZ4NQP\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\W5ERCHAJ\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\L1234527\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\E117OVXD\desktop.ini
- %TEMP%\nsm3.tmp\ntWjJptvEAL.dll
- 'p.####df59652.com':80
- p.####df59652.com/req.jsp
- DNS ASK p.####df59652.com
- DNS ASK co###.wwee258.com
- 'co###.wwee258.com':7125