Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\6to4] 'Start' = '00000002'
- '%TEMP%\dns.exe'
- '%TEMP%\2012.exe'
- '%TEMP%\登陆器辨别程序.exe'
- '<SYSTEM32>\ipconfig.exe' /flushdns
- %TEMP%\285d1.tmp
- %TEMP%\162218_ELGDH.tMP
- %TEMP%\SkinH_EL.dll
- %TEMP%\28dc1.tmp
- %TEMP%\2012.exe
- %TEMP%\登陆器辨别程序.exe
- %TEMP%\2797b.tmp
- %TEMP%\dns.exe
- %TEMP%\SkinH_EL.dll
- <SYSTEM32>\6to4DFGLKER.DLL
- %TEMP%\285d1.tmp
- %TEMP%\28dc1.tmp
- %TEMP%\2797b.tmp
- %TEMP%\2012.exe
- %TEMP%\162218_ELGDH.tMP в <SYSTEM32>\6to4DFGLKER.DLL
- 'www.94##q.com':80
- 'sf##.3322.org':2012
- www.94##q.com/dlq.txt
- DNS ASK www.94##q.com
- DNS ASK sf##.3322.org
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''