Technical information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'atiedxx' = '%APPDATA%\lpt1.{1D2680C9-0E2A-469d-B787-065558BC7D43}\atiedxx.exe'
- %HOMEPATH%\Start Menu\Programs\Startup\atiedxx.exe
- User Account Control (UAC)
- '<SYSTEM32>\cmd.exe' /c %TEMP%\617C2CA5.cmd
- '%APPDATA%\lpt1.{1D2680C9-0E2A-469d-B787-065558BC7D43}\atiedxx.exe'
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\gate[1].php
- %TEMP%\617C2CA5.cmd
- %APPDATA%\lpt1.{1D2680C9-0E2A-469d-B787-065558BC7D43}\atiedxx.exe
- %APPDATA%\lpt1.{1D2680C9-0E2A-469d-B787-065558BC7D43}\atiedxx.exe
- %TEMP%\617C2CA5.cmd
- 'do###ttz.biz':80
- '20#.#6.232.182':80
- http://do###ttz.biz/rayt/panel/gate.php
- DNS ASK do###ttz.biz
- DNS ASK www.microsoft.com
- ClassName: 'Indicator' WindowName: ''