Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Sticky' = '%TEMP%\IIBLMPWOITUQGEFDTWQGTBQNAUQOLWR\sticky.exe'
- '%TEMP%\IIBLMPWOITUQGEFDTWQGTEQNAUQOLWR\updater.exe'
- '%TEMP%\IIBLMPWOITUQGEFDTWQGTEQNAUQOLWR\updater.exe' (загружен из сети Интернет)
- firefox.exe
- %TEMP%\EOXAUDDAUAYINCIKFGDWVIPOQDXXQBM\{df6bb2ec-333b-4267-8c4f-3f27dc8c6e07}.xpi
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\Eklenti[1].zip
- %TEMP%\HTTNQEQXNCBCJXIFFOJDMOMDTLOFISN\Extensions.zip
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\{df6bb2ec-333b-4267-8c4f-3f27dc8c6e07}[1].xpi
- %TEMP%\IIBLMPWOITUQGEFDTWQGTBQNAUQOLWR\sticky.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\updater[1].exe
- %TEMP%\IIBLMPWOITUQGEFDTWQGTEQNAUQOLWR\updater.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\Eklenti[1].zip
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\{df6bb2ec-333b-4267-8c4f-3f27dc8c6e07}[1].xpi
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\updater[1].exe
- 'vl####aplayer.com':80
- vl####aplayer.com/eklenti/Eklenti.zip
- vl####aplayer.com/eklenti/{df6bb2ec-333b-4267-8c4f-3f27dc8c6e07}.xpi
- vl####aplayer.com/eklenti/updater.exe
- DNS ASK vl####aplayer.com
- ClassName: 'Indicator' WindowName: '(null)'