Техническая информация
- %WINDIR%\W3.exe
- %WINDIR%\W4.exe
- %WINDIR%\KlD.exe
- %WINDIR%\W5.exe
- %WINDIR%\W2.exe
- %WINDIR%\W4.exe (загружен из сети Интернет)
- %WINDIR%\KlD.exe (загружен из сети Интернет)
- %WINDIR%\W2.exe (загружен из сети Интернет)
- %WINDIR%\W3.exe (загружен из сети Интернет)
- %WINDIR%\W5.exe (загружен из сети Интернет)
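- ClassName: 'TDeDeMainForm' WindowName: ''
- ClassName: 'TIdaWindow' WindowName: ''
- ClassName: 'APIMonitor By Rohitab' WindowName: ''
- ClassName: 'RegmonClass' WindowName: ''
- ClassName: 'FilemonClass' WindowName: ''
  (Примечание: эти имена классов окон соответствуют инструментам анализа — DeDe, IDA, API Monitor, Regmon и Filemon; по-видимому, они перечислены здесь как окна, наличие которых проверяет образец.)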
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\KKl41[1].jpg
- %WINDIR%\W3.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\KKl31[1].jpg
- %WINDIR%\KlD.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\KlD[1].jpg
- %WINDIR%\W4.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\KKl51[1].jpg
- %WINDIR%\chi.pps
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\chi[1].jpg
- %WINDIR%\W2.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\KKl21[1].jpg
- %WINDIR%\W5.exe
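- 'up###dway.com':80 (часть имени домена на странице скрыта символами ###, которые недопустимы в имени хоста; для блокировки или поиска по журналам нужно полное имя из исходного отчёта)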
- 'localhost':1036
- up###dway.com/files/1954/KKl31.jpg
- up###dway.com/files/1957/KKl41.jpg
- up###dway.com/files/1820/KlD.jpg
- up###dway.com/files/2010/chi.jpg
- up###dway.com/files/1958/KKl51.jpg
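- up###dway.com/files/1953/KKl21.jpg
  (Примечание: все запрашиваемые URL имеют расширение .jpg, тогда как выше файлы, отмеченные как загруженные из сети Интернет, сохранены в %WINDIR% с расширением .exe; расширение в URL не следует считать признаком типа содержимого.)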
- DNS ASK up###dway.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: '' WindowName: '<Имя вируса>'
- ClassName: 'SuckMe&Class' WindowName: ''