Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\svchost] 'Start' = '00000002' (значение 2 — автоматический запуск службы при загрузке системы)
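- '%WINDIR%\svchost.exe' (штатный svchost.exe Windows находится в <SYSTEM32>; файл с этим именем непосредственно в %WINDIR% маскируется под системный процесс)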
- '%TEMP%\doo505gz.exe'
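- '%TEMP%\єЪ·АЧЁ°ж.exe' (имя, по-видимому, задано в кодировке GBK и отображено в CP1251 — «黑防专版.exe»; на системах с другой кодовой страницей оно может выглядеть иначе)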
- '<SYSTEM32>\cmd.exe' /c %WINDIR%\uninstal.bat
- %WINDIR%\uninstal.bat
- %TEMP%\Operate.ini
- %TEMP%\dat\huigezi.gif
- %TEMP%\єЪ·АЧЁ°ж.exe
- %TEMP%\doo505gz.exe
- %WINDIR%\svchost.exe
- %WINDIR%\svchost.exe
- %TEMP%\doo505gz.exe
- 'us##.bmkj.com':80
- 'ne##.#uigezi.net':80
- us##.bmkj.com/doo/505.jpg
- ne##.#uigezi.net/huigezi.gif
- DNS ASK us##.bmkj.com
- DNS ASK ne##.#uigezi.net
- ClassName: 'msctls_updown32' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'MS_WINHELP' WindowName: '(null)'