Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '7d7c33f' = '%APPDATA%\7d7c33f\7d7c33f.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '7d7c33f' = '%APPDATA%\7d7c33f\7d7c33f.exe'
- %APPDATA%\7d7c33f\7d7c33f.exe
- %WINDIR%\explorer.exe
- <Служебный элемент>
- %WINDIR%\explorer.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\gate[1].htm
- %APPDATA%\7d7c33f\7d7c33f.cfg
- %APPDATA%\7d7c33f\7d7c33f.exe
- %APPDATA%\7d7c33f\7d7c33f.exe
- %TEMP%\~DF1EF4.tmp
- %TEMP%\~DFEDBA.tmp
- '0o#######.researchsecurity.biz':80
- 0o#######.researchsecurity.biz/system/update/gate.php?ac######
- 0o#######.researchsecurity.biz/system/update/gate.php?ac####################
- DNS ASK 0o#######.researchsecurity.biz
- ClassName: 'Indicator' WindowName: ''