Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Micro' = '%APPDATA%\svhost.exe'
- %HOMEPATH%\Start Menu\Programs\Startup\Logs.vbs
- %HOMEPATH%\Start Menu\Programs\Startup\svhost
- '%TEMP%\IDM_Setup_Temp\IDM1.tmp' -d "%TEMP%\IDM_Setup_Temp\"
- '%APPDATA%\svhost.exe'
- '%TEMP%\svhost.exe'
- '%TEMP%\idman627build2.exe'
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\cvtres.exe' /NOLOGO /READONLY /MACHINE:IX86 "/OUT:%TEMP%\RES2.tmp" "%TEMP%\vbc1.tmp"
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\vbc.exe' /noconfig @"%TEMP%\lvwj6ax-.cmdline"
- %TEMP%\vbc1.tmp
- %TEMP%\lvwj6ax-.out
- %APPDATA%\Random\Optional\Launch Internet Explorer Browser.exe
- %TEMP%\RES2.tmp
- %TEMP%\lvwj6ax-.cmdline
- %TEMP%\idman627build2.exe
- %TEMP%\svhost.exe
- %TEMP%\lvwj6ax-.0.vb
- %APPDATA%\svhost.exe
- %TEMP%\vbc1.tmp
- %TEMP%\RES2.tmp
- из %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk в %APPDATA%\Random\Optional\Launch Internet Explorer Browser.lnk
- %APPDATA%\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
- 'j4###r.ddns.net':5000
- DNS ASK j4###r.ddns.net