Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'HBlock' = '%PROGRAM_FILES%\Target Web ADS\TargetWebADSh.exe'
- %WINDIR%\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
- %PROGRAM_FILES%\Target Web ADS\TargetWebADSb.exe
- %PROGRAM_FILES%\Target Web ADS\TargetWebADSh.exe
- %PROGRAM_FILES%\Target Web ADS\TargetWebADSb.exe
- %PROGRAM_FILES%\Target Web ADS\Uninstall.exe
- %PROGRAM_FILES%\Target Web ADS\TargetWebADS.dll
- %PROGRAM_FILES%\Target Web ADS\TargetWebADSh.exe
- %WINDIR%\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
- 'se####zoeken.com':80
- 'im###s-base.com':80
- 'im#####epository.com':80
- se####zoeken.com/ad_type.php
- im###s-base.com/borders.php
- DNS ASK se####zoeken.com
- DNS ASK im###s-base.com
- DNS ASK im#####epository.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''