Техническая информация
- Запись автозапуска в реестре (ключ Run текущего пользователя): [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'System32_expecter' = 'C:%WINDIR%\up1.exe'
- C:%WINDIR%\up2.exe
- C:%WINDIR%\up1.exe
- %TEMP%\$AlgTemp537329$\loader.exe
- C:%WINDIR%\up1.exe
- C:%WINDIR%\up2.ver
- C:%WINDIR%\up1.ver
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\stat[1].php
- C:%WINDIR%\_system32.exe
- C:%WINDIR%\up2.exe
- %TEMP%\$AlgTemp537329$\ProgStart.name
- %TEMP%\$AlgTemp537329$\pack\up1.ver
- %TEMP%\$AlgTemp537329$\pack\up1.exe
- %TEMP%\$AlgTemp537329$\loader.exe
- %TEMP%\$AlgTemp537329$\pack\_system32.exe
- %TEMP%\$AlgTemp537329$\pack\up2.ver
- %TEMP%\$AlgTemp537329$\pack\up2.exe
- %TEMP%\$AlgTemp537329$\pack\up2.ver
- %TEMP%\$AlgTemp537329$\pack\_system32.exe
- %TEMP%\$AlgTemp537329$\ProgStart.name
- %TEMP%\$AlgTemp537329$\pack\up2.exe
- %TEMP%\$AlgTemp537329$\loader.exe
- %TEMP%\$AlgTemp537329$\pack\up1.exe
- %TEMP%\$AlgTemp537329$\pack\up1.ver
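Сетевые адреса в формате 'узел':порт (символы «#» в именах узлов, по-видимому, скрывают часть имени, поэтому для точного сопоставления эти значения не годятся):
- 'dl.##opbox.com':80
- 'us##t.co.cc':80
- 'localhost':1035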
- us##t.co.cc/stat.php?us##################
- dl.##opbox.com/u/27672813/up2/ver.txt
- dl.##opbox.com/u/27672813/up1/files.txt
- dl.##opbox.com/u/27672813/up1/ver.txt
- DNS ASK dl.##opbox.com
- DNS ASK us##t.co.cc
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''