Техническая информация
Записи в ключах автозапуска Run реестра (указанные файлы запускаются при входе пользователя в систему):
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{83333B6D-EE8D-3AA6-3E00-D73F3488AD3A}' = 'C:\temp\ssote\ivuv.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'GetLocalIP' = '%TEMP%\regedit32.exe'
Запускаемые процессы и командные строки (подзаголовки списка на странице не сохранились):
- '%TEMP%\regedit32.exe'
- '%TEMP%\Reg.exe'
- '<SYSTEM32>\systeminfo.exe'
- '<SYSTEM32>\attrib.exe' -a -r -s -h %TEMP%\Reg.exe
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\cmd.exe' /c %TEMP%\batfile3.bat
- '<SYSTEM32>\cmd.exe' /c %TEMP%\batfile.bat
- '<SYSTEM32>\ping.exe' 127.0.0.1 -n 3 -w 1000
- <SYSTEM32>\ctfmon.exe
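Имена процессов, в основном антивирусных программ, а также игровых клиентов (aion.exe, ageofconan.exe); какое действие выполняется над ними, на странице не указано:
- AVP32.EXE
- AVPCC.EXE
- AVP.COM
- AVP.EXE
- bdagent.exe
- bdss.exe
- AVPM.EXE
- AVSYNMGR.EXE
- AVGCTRL.EXE
- aion.exe
- ash.exe
- 360tray.exe
- ageofconan.exe
- avgcc.exe
- AVGCC32.EXE
- ashAvast.exe
- ashAvSrv.exe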
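Файлы, затрагиваемые в файловой системе (подзаголовки списков не сохранились — по-видимому, из-за этого некоторые пути повторяются; действие для каждого пути на странице не указано):
- %TEMP%\batfile.bat
- %TEMP%\regedit32.exe
- %TEMP%\HDisk.txt
- %TEMP%\pest.txt
- %TEMP%\Reg.exe
- %TEMP%\EleU.exe
- %TEMP%\Test.exe
- %TEMP%\batfile3.bat
- %TEMP%\Reg.exe
- %TEMP%\EleU.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\webhp[1]
- %TEMP%\Test.exe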
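Сетевая активность (в адресах часть символов скрыта знаками #):
Подключения (хост:порт):
- 'www.wo#####ilippines.net':80
- '74.##5.232.51':80
Запрашиваемые URL:
- www.wo#####ilippines.net/moto.jpg
- 74.##5.232.51/webhp
- www.wo#####ilippines.net/redir.php
DNS-запросы:
- DNS ASK www.wo#####ilippines.net
- DNS ASK www.google.com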
- ClassName: 'Indicator' WindowName: ''