Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Ukokjk gagyca] 'Start' = '00000002'
- '%PROGRAM_FILES%\Rurasm wymlb\Vwcfcmg.exe'
- '<SYSTEM32>\wscript.exe' "C:\6750.vbs"
- C:\6750.vbs
- %PROGRAM_FILES%\Rurasm wymlb\Vwcfcmg.exe
- C:\6750.vbs
- 'ko#####2012.meibu.net':2013
- 'zh####bo.f3322.org':2013
- DNS ASK ko#####2012.meibu.net
- DNS ASK zh####bo.f3322.org
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'