Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'MsnMsgr' = '<SYSTEM32>\msnmsgr.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\letsplainagain] 'Start' = '00000001'
- [<HKLM>\SYSTEM\ControlSet001\Services\letsmoveagain] 'Start' = '00000000'
- <SYSTEM32>\reg.exe add "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run" /v MsnMsgr /t REG_SZ /d "<SYSTEM32>\msnmsgr.exe
- <SYSTEM32>\sdf.tmpp
- <SYSTEM32>\msnmsgr.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\hosts[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\geo_tab_left2_sys[1].gif
- <SYSTEM32>\wiiinnnzzzz.sys
- '18#.#0.244.107':80
- 'localhost':1035
- 18#.#0.244.107/files/hosts.txt
- 18#.#0.244.107/files/geo_tab_left2_sys.gif