Техническая информация
- %TEMP%\smss.exe 127.1 -n 5
- <SYSTEM32>\attrib.exe -s -h "<Полный путь к вирусу>"
- [<HKCU>\Software\Far2\Plugins\FTP\Hosts]
- [<HKCU>\Software\Martin Prikryl\WinSCP 2\Sessions]
- [<HKCU>\Software\Google\Google Talk\Accounts]
- [<HKCU>\Software\Far\Plugins\FTP\Hosts]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\CA0X2Z05.php
- %TEMP%\1.tmp.12
- %TEMP%\1.tmp.cmd
- %TEMP%\smss.exe
- '82.##6.51.22':80
- 'localhost':1035