Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'EILYOIL' = '%WINDIR%\EILYOIL.exe'
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\cmd[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\cmd[1].php
- %WINDIR%\EILYOIL.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\cmd[1].php
- 'm2.#1-3.com':80
- 'm3.#1-4.com':80
- 'localhost':1035
- 'm1.#1-2.com':80
- m3.#1-4.com/v2.0/cmd.php?ma###############################
- m2.#1-3.com/v2.0/cmd.php?ma###############################
- m1.#1-2.com/v2.0/cmd.php?ma###############################
- DNS ASK m2.#1-3.com
- DNS ASK m3.#1-4.com
- DNS ASK m1.#1-2.com
- '<IP-адрес в локальной сети>':1036