Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'ms' = '%PROGRAM_FILES%\mm.exe'
- %CommonProgramFiles%\Microsoft Shared\DW\DWTRIG20.EXE
- %PROGRAM_FILES%\FireFox\crashreporter.exe
- C:\Far2\Far.exe
- %CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE
- '%PROGRAM_FILES%\mm.exe'
- '%TEMP%\3333.exe'
- '%TEMP%\seaak.exe'
- %PROGRAM_FILES%\mm.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\seaa[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\seaa[1].txt
- %TEMP%\seaak.exe
- %TEMP%\3333.exe
- %TEMP%\kra1.tmp
- <DRIVERS>\etc\hosts.ics
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\seaa[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\seaa[1].txt
- %TEMP%\kra1.tmp
- 'www.xf##u.com':80
- 'localhost':1036
- www.xf##u.com/seaa.txt
- DNS ASK www.xf##u.com