Technical information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'Cleanup' = 'C:\cleanup.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'AVG Internet Security' = '<LS_APPDATA>\Avast.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\tyooay] 'Start' = '00000000'
- User Account Control (UAC)
- C:\TITI.EXE /nogui C:\t.txt
- C:\XcoderX.exe explorer.exe scp explorer.exe gb
- %WINDIR%\Explorer.EXE
- <DRIVERS>\wopmc.sys
- %WINDIR%\vxnulkey.txt
- C:\zip.exe
- C:\cleanup.exe
- C:\cleanup.bat
- C:\t.txt
- <LS_APPDATA>\Avast.exe
- %TEMP%\EE676563
- %WINDIR%\XcoderX_KL_1
- C:\TITI.EXE
- C:\XcoderX.exe
- 'www.dr####o-taoin.si':80
- www.dr####o-taoin.si/images/banners/pereca1.php
- DNS ASK www.dr####o-taoin.si
- ClassName: 'TabWindowClass' WindowName: ''
- ClassName: 'Shell DocObject View' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Internet Explorer_Server' WindowName: ''
- ClassName: 'NDDEAgnt' WindowName: 'NetDDE Agent'
- ClassName: 'TApplication' WindowName: 'Primeira'
- ClassName: 'MozillaUIWindowClass' WindowName: ''
- ClassName: '' WindowName: ''