Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Uldkgi wairky] 'Start' = '00000002'
- '%WINDIR%\Terms.EXE'
- 'C:\Ggiyaa.exe'
- '<SYSTEM32>\system32.exe'
- '<SYSTEM32>\wscript.exe' "C:\5252.vbs"
- C:\5252.vbs
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\index[1].htm
- %WINDIR%\Terms.EXE
- <SYSTEM32>\system32.exe
- C:\Ggiyaa.exe
- C:\5252.vbs
- C:\Ggiyaa.exe
- 'a4####9105.eicp.net':2012
- 'localhost':2012
- 'localhost':1037
- 'www.11##tt.com':80
- www.11##tt.com/fmp/index.htm
- DNS ASK a4####9105.eicp.net
- DNS ASK www.11##tt.com
- ClassName: 'MS_WebcheckMonitor' WindowName: '(null)'
- ClassName: 'MS_AutodialMonitor' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'