Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\GrayPigeonServer] 'ImagePath' = '%WINDIR%\G_Server'
- [<HKLM>\SYSTEM\ControlSet001\Services\GrayPigeonServer] 'Start' = '00000002'
- '%WINDIR%\G_Server'
- '<SYSTEM32>\cmd.exe' /c %WINDIR%\UNDEL.BAT
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE' about:blank
- Библиотека-обработчик для всех процессов: %WINDIR%\G_SeKey.DLL
- C:\Documents and Settings\LocalService\Favorites\Desktop.ini
- %WINDIR%\G_SeKey.DLL
- %WINDIR%\UNDEL.BAT
- %WINDIR%\G_Server
- %WINDIR%\G_Se.dll
- C:\Documents and Settings\LocalService\Favorites\Desktop.ini
- %WINDIR%\G_SeKey.DLL
- %WINDIR%\G_Server
- %WINDIR%\G_Se.dll
- 'cc####00.3322.org':8002
- DNS ASK cc####00.3322.org
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''