Техническая информация
- Автозапуск (ключ Run текущего пользователя): [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'ttool' = '%WINDIR%\cidaetup.exe'
- %WINDIR%\cidaetup.exe /sd 2392
- %WINDIR%\Explorer.EXE
- iexplore.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\cmd[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\options[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\options[1]
- %WINDIR%\cidaetup.exe
- <SYSTEM32>\mplafunc.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\options[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\cmd[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\options[1]
Сетевые адреса и порты (часть символов в адресах заменена на # в самом источнике):
- 'in.###stat44.com':80
- '19#.#04.27.35':80
- 'localhost':1035
URL-адреса запросов (окончание строки параметров заменено символами #):
- in.###stat44.com/cgi-bin/options.cgi?us##################################################################################################
- 19#.#04.27.35/cgi-bin/options.cgi?us##################################################################################################
- 19#.#04.27.35/cgi-bin/cmd.cgi?us##################################################################################################
- DNS-запрос (DNS ASK): in.###stat44.com
- '<IP-адрес в локальной сети>':1038
- ClassName: 'Indicator' WindowName: ''