Техническая информация
Значения в ключе автозапуска Run (запуск при каждом старте системы):
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'EsErs' = '%WINDIR%\KPL\wsc.exe pass=123123a port=5071'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'wins' = '%WINDIR%\SearchFilterHot.exe'
- '%WINDIR%\SearchFilterHot.exe'
- '%WINDIR%\KPL\wsc.exe' pass=123123a port=5071
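Правила брандмауэра Windows, добавляемые через netsh (разрешают входящие соединения для указанных программ; имена правил WinUpdate и trueUpdate заданы самой командой):
- '<SYSTEM32>\netsh.exe' advfirewall firewall add rule name=WinUpdate dir=in program=%WINDIR%\KPL\SearchFilterHot.exe security=notrequired action=allow
- '<SYSTEM32>\netsh.exe' advfirewall firewall add rule name=trueUpdate dir=in program=%WINDIR%\KPL\wsc.exe security=notrequired action=allow
Примечание: в правиле WinUpdate указан путь %WINDIR%\KPL\SearchFilterHot.exe, тогда как в остальных записях этот файл расположен в %WINDIR%\SearchFilterHot.exe. При проверке системы стоит искать файл и правила по обоим путям.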
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\index[1].php
- %TEMP%\index.html
- %TEMP%\duml.mg
- %WINDIR%\SearchFilterHot.exe
- %WINDIR%\KPL\wsc.exe
- %WINDIR%\SearchFilterHot.exe
- %TEMP%\index.html
- %TEMP%\duml.mg
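Сетевые соединения (узел:порт). Символ «#» в именах узлов и IP-адресах, по-видимому, заменяет скрытые при публикации символы, поэтому эти значения нельзя использовать как точные индикаторы без уточнения. Порт 25 — стандартный порт SMTP.
- '2i#.ru':80
- '93.##8.134.11':25
- '74.##5.232.51':80
- 'localhost':1039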
- 2i#.ru/index.php
- DNS ASK sm##.yandex.ru
- DNS ASK 2i#.ru
- DNS ASK www.google.com