Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\TPAutoConnct7] 'Start' = '00000002'
- '%TEMP%\spools.exe'
- '<SYSTEM32>\svchost.exe' -k imgsvc
- '<SYSTEM32>\svchost.exe' -k netsvcs
- %PROGRAM_FILES%\PrinD\PrindD.psd
- %PROGRAM_FILES%\PrinD\prindd.psdbak1
- %PROGRAM_FILES%\PrinD\prindd.psdbak2
- C:\Net-Temp.ini
- C:\853700.dll
- C:\NT_Path.jpg
- %TEMP%\spools.exe
- C:\853700.dll
- C:\NT_Path.jpg
- C:\Net-Temp.ini
- 'ad###.ctlctl.com':100
- 'ad###.ctlctl.com':2000
- 'ad###.ctlctl.com':800
- DNS ASK ad###.ctlctl.com