Техническая информация
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\mozila20.lnk
- %HOMEPATH%\Start Menu\Programs\Startup\mozila20.lnk
- <SYSTEM32>\xcopy.exe "%HOMEPATH%\Start Menu\Programs\Startup\mozila20.lnk" "%ALLUSERSPROFILE%\Start Menu\Programs\Startup" /Y
- %WINDIR%\Temp\MZђ.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\test[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\test[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\MZђ[1]
- 'localhost':1037
- 'al##ady.net':80
- al##ady.net/downtab/test.php?cn################################
- al##ady.net/downtab/CRNJEUFU/MZ?
- al##ady.net/downtab/test.php?cn#########################
- DNS ASK al##ady.net
- '<IP-адрес в локальной сети>':1035