Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\NWCWorkstation] 'Start' = '00000002'
- <SYSTEM32>\rundll32.exe shell32.dll,Control_RunDLL wscui.cpl
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\096VO9Q3\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\C39URC81\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\A9INAL8L\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\SVAB0ZAJ\desktop.ini
- <SYSTEM32>\MIC1.cpl
- %TEMP%\MIC1.tmp
- <SYSTEM32>\WNWCWorkstationsys.dll
- %TEMP%\MIC2.tmp
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\SVAB0ZAJ\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\A9INAL8L\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\C39URC81\desktop.ini
- C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\096VO9Q3\desktop.ini
- <SYSTEM32>\MIC1.cpl
- %TEMP%\MIC2.tmp
- %TEMP%\MIC1.tmp
- 'ft#.##xxed.myz.info':443
- 'ft#.###oojpg.edns.biz':1110
- 'ft#.##xxed.myz.info':8080
- DNS ASK ft#.###oojpg.edns.biz
- DNS ASK ft#.##xxed.myz.info