Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\BITS] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\MSDTC] 'Start' = '00000002'
- '<SYSTEM32>\net1.exe' stop MSDTC
- '<SYSTEM32>\sc.exe' config MSDTC start= auto
- 'C:\$RECLCLE.BIN\ctfmon.exe' /adminoption 0
- '<SYSTEM32>\net.exe' stop MSDTC
- <SYSTEM32>\BIT1.tmp
- %TEMP%\speedmem2.hg
- C:\$RECLCLE.BIN\ctfmon.exe
- %TEMP%\speedmem2.hg
- <SYSTEM32>\BIT1.tmp в <SYSTEM32>\oci.dll
- 'ip.cn':80
- http://ip.cn/index.php?ip###############
- DNS ASK ip.cn