Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\FFF] 'Start' = '00000002'
- <Имя диска съемного носителя>:\јУЛЩ.exe
- <SYSTEM32>\FFF.exe
- %WINDIR%\МЪС¶·А·З·Ё.DLL
- <Имя диска съемного носителя>:\јУЛЩ.exe
- <SYSTEM32>\svchost.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\gg[1].htm
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\wgxzb[1]
- %WINDIR%\МЪС¶·А·З·Ё.DLL
- <SYSTEM32>\FFF.exe
- <SYSTEM32>\FFF.exe
- %WINDIR%\МЪС¶·А·З·Ё.DLL
- <Имя диска съемного носителя>:\јУЛЩ.exe
- 'www.wg##b.com':80
- 'dd####t.3322.org':8000
- 'localhost':1037
- 'localhost':1035
- 'www.cf##w.com':80
- www.wg##b.com/?
- www.cf##w.com/gg.htm?js
- DNS ASK dd####t.3322.org
- DNS ASK www.wg##b.com
- DNS ASK www.cf##w.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''