Техническая информация
- Запись автозапуска в реестре (ключ Run текущего пользователя): [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'minix32' = '<SYSTEM32>\minix32.exe'
- '%ProgramFiles%\Windows Media Player\ANTI_F~1.EXE' (загружен из сети Интернет)
- '<SYSTEM32>\cmd.exe' /c %TEMP%\\em_194203.bat "<Полный путь к вирусу>"
- %HOMEPATH%\Desktop\Windows Antivirus Pro.lnk
- %TEMP%\em_194203.bat
- %HOMEPATH%\Start Menu\Programs\Windows Antivirus Pro\Windows Antivirus Pro.lnk
- <SYSTEM32>\minix32.exe
- %ProgramFiles%\Windows Antivirus Pro\ANTI_files.exe
- <SYSTEM32>\minix32.exe
- %ProgramFiles%\Windows Antivirus Pro\ANTI_files.exe
- 'co######.sviniakopilka.com':80 (узел и порт; символы «#» здесь и в адресах ниже, по-видимому, скрывают часть значения)
- http://co######.sviniakopilka.com/action/action3.cgi?p=#####
- http://co######.sviniakopilka.com/d_program_all.cgi?ho############
- http://co######.sviniakopilka.com/log3.cgi
- DNS-запрос (DNS ASK): co######.sviniakopilka.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''