Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'run' = '%WINDIR%\iedwf.exe'
- '%WINDIR%\iedwf.exe'
- '%WINDIR%\regedit.exe'
- %TEMP%\fuc3.tmp
- %TEMP%\fuc4.tmp
- %TEMP%\fuc1.tmp
- %TEMP%\fuc2.tmp
- %TEMP%\fuc3.tmp в %WINDIR%\qqupdate.dll
- %TEMP%\fuc4.tmp в %PROGRAM_FILES%\Windows NT\mic.txt
- %TEMP%\fuc1.tmp в %PROGRAM_FILES%\Windows NT\game_.dll
- %TEMP%\fuc2.tmp в %WINDIR%\iedwf.exe