Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'MsSecurity' = '<Полный путь к вирусу>'
- %HOMEPATH%\My Documents\My PicturesCRNJEUFU=1-1-16-34-51.jpeg
- %HOMEPATH%\My Documents\My PicturesCRNJEUFU=1-1-16-35-21.jpeg
- %HOMEPATH%\My Documents\My PicturesCRNJEUFU=1-1-16-35-37.jpeg
- %HOMEPATH%\My Documents\My PicturesCRNJEUFU=1-1-16-33-11.jpeg
- %HOMEPATH%\My Documents\My PicturesCRNJEUFU=1-1-16-33-25.jpeg
- %HOMEPATH%\My Documents\My PicturesCRNJEUFU=1-1-16-33-55.jpeg
- %HOMEPATH%\My Documents\My PicturesCRNJEUFU=1-1-16-34-51.jpeg
- %HOMEPATH%\My Documents\My PicturesCRNJEUFU=1-1-16-35-21.jpeg
- %HOMEPATH%\My Documents\My PicturesCRNJEUFU=1-1-16-33-55.jpeg
- %HOMEPATH%\My Documents\My PicturesCRNJEUFU=1-1-16-33-11.jpeg
- %HOMEPATH%\My Documents\My PicturesCRNJEUFU=1-1-16-33-25.jpeg
- 'al####e.hostzi.com':80
- 'wp#d':80
- wp#d/wpad.dat
- al####e.hostzi.com/ss/cname.php?up################
- DNS ASK al####e.hostzi.com
- DNS ASK wp#d
- ClassName: 'Indicator' WindowName: ''