Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Service] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\svchost] 'Start' = '00000002'
  (значение 'Start' = 2 означает автоматический запуск службы при загрузке системы)
- <SYSTEM32>\sc.exe Create Service binPath= "%WINDIR%\service.exe" displayName= "Service" start= "auto"
- <SYSTEM32>\sc.exe Create svchost binPath= "%WINDIR%\svchost.exe" displayName= "svchost" start= "auto"
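- %WINDIR%\csrss.exe
- %WINDIR%\service.exe
- %WINDIR%\svchost.exe
  (легитимные csrss.exe и svchost.exe находятся в <SYSTEM32>; одноимённые файлы непосредственно в %WINDIR% — признак маскировки под системные процессы)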
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\online2[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\advanced_search[1]
- %WINDIR%\csrss.exe
- %WINDIR%\service.exe
- %WINDIR%\svchost.exe
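- 'www.go###e.com.tr':80
- 'www.oy###diyari.com':80
- 'localhost':1035
- 'www.is####ulemlak34.net':80
  (символы '#' в именах узлов, по-видимому, скрывают часть имени; для сопоставления индикаторов нужны полные значения из исходного отчёта)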
- www.oy###diyari.com/game.exe
- www.is####ulemlak34.net/helia.exe
- www.is####ulemlak34.net/yardimci.exe
- www.go###e.com.tr/advanced_search
- www.is####ulemlak34.net/online2.html
- www.is####ulemlak34.net/kelime2.txt
- www.is####ulemlak34.net/url2.txt
- DNS ASK www.oy###diyari.com
- DNS ASK www.go###e.com.tr
- DNS ASK www.is####ulemlak34.net
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''