Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\AppMgmt] 'Start' = '00000002'
- '<SYSTEM32>\reg.exe' add "HKLM\SYSTEM\CurrentControlSet\services\AppMgmt\Parameters" /v ServiceDll /t REG_EXPAND_SZ /d "<SYSTEM32>\wbem\cimmentsa.dll" /f
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\U30Z0DKD\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\YHRAKUD5\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\9LI0BWFX\desktop.ini
- <SYSTEM32>\wbem\cimmentsa.dll
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\03CP2963\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\YHRAKUD5\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\9LI0BWFX\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\03CP2963\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\U30Z0DKD\desktop.ini
- 'us##.#zone.qq.com':80
- us##.#zone.qq.com/2901792077
- DNS ASK us##.#zone.qq.com