Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'WarnonBadCertRecving' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'WarnOnZoneCrossing' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1601' = '00000000'
- %HOMEPATH%\Desktop\System Check.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\System Check.lnk
- %HOMEPATH%\Start Menu\Programs\System Check\Uninstall System Check.lnk
- %ALLUSERSPROFILE%\Application Data\S8HU8WaO5ctq
- %HOMEPATH%\Start Menu\Programs\System Check\System Check.lnk
- из <Полный путь к файлу> в %ALLUSERSPROFILE%\Application Data\S8HU8WaO5ctq.exe
- 'te###nafcar.com':80
- 've###leybal.com':80
- 'si####hatlub.com':80
- 'ne##mik.com':80
- 'ub###arimu.com':80
- 'mm##and.com':80
- http://ve###leybal.com/britix/a
- http://te###nafcar.com/britix/ar
- http://te###nafcar.com/britix/a
- http://si####hatlub.com/britix/ar
- http://si####hatlub.com/britix/a
- http://ve###leybal.com/britix/ar
- http://ub###arimu.com/britix/ar
- http://ub###arimu.com/up.php?0Q######################################################################
- http://ne##mik.com/britix/ar
- http://ne##mik.com/britix/a
- http://ub###arimu.com/britix/a
- http://mm##and.com/britix/ar
- http://mm##and.com/britix/a
- DNS ASK te###nafcar.com
- DNS ASK ve###leybal.com
- DNS ASK si####hatlub.com
- DNS ASK ne##mik.com
- DNS ASK ub###arimu.com
- DNS ASK mm##and.com