Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Gprotector] 'Start' = '00000002'
- '<SYSTEM32>\tmtmtm.exe'
- '<SYSTEM32>\svhost.exe'
- '<SYSTEM32>\net1.exe' start Gprotector
- '<SYSTEM32>\taskkill.exe' -f -im <Имя вируса>.exe
- <SYSTEM32>\svhost.exe
- %TEMP%\tmpx.bat
- <SYSTEM32>\MSWINSCK.OCX
- <SYSTEM32>\tmtmtm.exe
- %TEMP%\tmp.bat
- '12.##1.0.159':80
- '17#.#94.42.183':80
- 12.##1.0.159/Alice/renew.txt
- 17#.#94.42.183/
- ClassName: '(null)' WindowName: '(null)'