Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Netman] 'Start' = '00000002'
- <SYSTEM32>\attrib.exe -s -h -r <Полный путь к вирусу>
- %TEMP%\tabcteng.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\SzNQOjYBbUteWVII722[1]
- %TEMP%\mst3.tmp
- %TEMP%\svchost.exe
- %TEMP%\svchost.Bat
- %TEMP%\1.tmp
- %TEMP%\svchost.exe
- %TEMP%\svchost.Bat
- 'gw###.#icroupdata.com':80
- gw###.#icroupdata.com/ZjJYPjY3/VjJcPzM3a0o12261/23062/21VWQPaTdnaA/SzNQOjYBbUteWVII722/
- DNS ASK gw###.#icroupdata.com
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''