Technical information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'trkcore' = '%PROGRAMDATA%\Microsoft\Roaming\svchost.exe'
- Task Manager (Taskmgr)
- <SYSTEM32>\dwm.exe
- %WINDIR%\explorer.exe
- <SYSTEM32>\taskhost.exe
- iexplore.exe
- firefox.exe
- <Full path to file>
- from <Full path to file> to <Current directory>\old_<File name>.exe
- http://w.google.com/
- http://pa###bin.com/raw/AqndxJKK
- http://pa###bin.com/AqndxJKK
- http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/02FAF3E291435468607857694DF5E45B68851868.crt
- ClassName: 'Progman' WindowName: ''
- ClassName: 'Proxy Desktop' WindowName: ''
- ClassName: 'SystemTray_Main' WindowName: ''
- ClassName: 'Media Center Tray Applet' WindowName: ''
- ClassName: '' WindowName: 'View Available Networks'
- ClassName: 'BluetoothNotificationAreaIconWindowClass' WindowName: 'BluetoothNotificationAreaIconWindowClass'
- ClassName: 'BluetoothNotificationAreaIconWindowClass' WindowName: ''
- '%WINDIR%\explorer.exe'