Техническая информация
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://go.##ilea.info/?i=################################
- <SYSTEM32>\regini.exe "%WINDIR%\offreg.ini"
- <SYSTEM32>\regini.exe "<SYSTEM32>\onreg.ini"
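- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] 'NoInternetIcon' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoInternetIcon' = '00000000'
  (параметр политики NoInternetIcon управляет скрытием значка Internet Explorer на рабочем столе; значение 0 записывается и в HKLM, и в HKCU, поэтому при проверке системы следует смотреть обе ветки)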
- <SYSTEM32>\offreg.ini
- %TEMP%\nsv3.tmp\ns6.tmp
- %TEMP%\nsv3.tmp\ns5.tmp
- %TEMP%\nsv3.tmp\ns7.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\go.lailea[1]
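- %ALLUSERSPROFILE%\Desktop\МФ±¦№єОп.exe (имя в кодировке GBK, отображённое как CP1251; в GBK читается как «淘宝购物.exe»)
- %ALLUSERSPROFILE%\Desktop\ГАЕ®КУЖµ.exe (аналогично; в GBK читается как «美女视频.exe»)
  (на системах с китайской локалью эти файлы будут видны под декодированными именами, поэтому при поиске по индикаторам стоит проверять оба варианта написания)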
- <SYSTEM32>\4.ico
- %TEMP%\nsv3.tmp\System.dll
- %TEMP%\nsv3.tmp\time.dll
- %TEMP%\nsa2.tmp
- <SYSTEM32>\onreg.ini
- <SYSTEM32>\ie.ico
- %TEMP%\nsv3.tmp\ns4.tmp
- %TEMP%\nsv3.tmp\nsExec.dll
- %TEMP%\nsv3.tmp\ns6.tmp
- %TEMP%\nsv3.tmp\ns7.tmp
- <SYSTEM32>\offreg.ini
- %TEMP%\nsv3.tmp\ns4.tmp
- <SYSTEM32>\onreg.ini
- %TEMP%\nsv3.tmp\ns5.tmp
- 'go.##ilea.info':80
- 'localhost':1037
- go.##ilea.info/?i=##############################
- DNS ASK go.##ilea.info
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''