Техническая информация
- <SYSTEM32>\cmd.exe /c <Текущая директория>\_tmp.bat
- <SYSTEM32>\regsvr32.exe "%PROGRAM_FILES%\Scpad\scpMIB32.dll" /s
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\updtцnconfig[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\updtцnconfig[1]
- %PROGRAM_FILES%\Scpad\scpMIB32.dll
- <Текущая директория>\_tmp.bat
- %WINDIR%\infosцpi.dll
- %PROGRAM_FILES%\Scpad\AiodLite
- %PROGRAM_FILES%\Scpad\scpMIB32.dll_
- %APPDATA%\Microsoft\Protect\S-1-5-21-2052111302-484763869-725345543-1003\Preferred
- %APPDATA%\Microsoft\Protect\S-1-5-21-2052111302-484763869-725345543-1003\4a5c2d5c-53a1-4074-ba59-ec5eecc892a9
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\updtцnturismo[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\updtцnturismo[1]
- %APPDATA%\Microsoft\Crypto\RSA\S-1-5-21-2052111302-484763869-725345543-1003\e8c76afd3b86e53d6a4b975ffdd70b7a_23ef5514-3059-436f-a4a7-4cefaab20eb1
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\updtцnconfig[1]
- %PROGRAM_FILES%\Scpad\scpMIB32.dll_
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\updtцnturismo[1]
- 'www.m?####es.kit.????t':80
- www.m?####es.kit.????t/updt?nc#####
- www.m?####es.kit.????t/updt?nt######
- DNS ASK www.mц#####.itфбt