Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Google' = '<Полный путь к вирусу>'
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\geektool.infod[1]
- %APPDATA%\Microsoft\Gdata\L\L.txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\geektool.infoget[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\geektool.infod[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\geektool.infoget[1]
- 'ge####ol.infod.php':80
- 'ge#####l.infoget.php':80
- 'localhost':1037
- ge####ol.infod.php/?ax#########
- ge#####l.infoget.php/?ax##########
- DNS ASK ge####ol.infod.php
- DNS ASK ge#####l.infoget.php
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''