Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Defghi Klmnopqr Tuv] 'Start' = '00000002'
- '%WINDIR%\gaaeqau.pif'
- '<SYSTEM32>\wscript.exe' "C:\4960.vbs"
- C:\4960.vbs
- %WINDIR%\gaaeqau.pif
- C:\4960.vbs
- 'hk.##linux.com':228
- DNS ASK hk.##linux.com