Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\WBAeyrrVb] 'Start' = '00000002'
- %TEMP%\1b785.tmp
- <DRIVERS>\WBAeyrrVb.sys
- %TEMP%\1ab5e.tmp
- %TEMP%\1b09f.tmp
- %TEMP%\1b785.tmp
- <DRIVERS>\WBAeyrrVb.sys
- %TEMP%\1ab5e.tmp
- %TEMP%\1b09f.tmp
- 'a8#####4.etlyhost.tk':80
- a8#####4.etlyhost.tk/dlllogin.asp?us#########
- DNS ASK a8#####4.etlyhost.tk
- ClassName: 'Shell_TrayWnd' WindowName: ''