Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Java(TM) Platform SE Auto Updater' = 'wscript.exe /B "%APPDATA%\windows.vbs"'
- '<SYSTEM32>\wscript.exe' /B "%APPDATA%\windows.vbs" "4EBC2999-88E6680F;"
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\ctrl[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ctrl[1].php
- %APPDATA%\windows.vbs
- %APPDATA%\windows.vbs
- 'be####ia.no-ip.biz':80
- 'localhost':1036
- be####ia.no-ip.biz/.pages/ctrl.php?ia
- be####ia.no-ip.biz/.pages/ctrl.php?ne##########################################################
- DNS ASK be####ia.no-ip.biz
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'Indicator' WindowName: '(null)'