Техническая информация
- Автозапуск через ключ Run текущего пользователя: [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'BD' = '"%TEMP%\dc.exe"'
- %PROGRAM_FILES%\Outlook Express\14xxp.exe
- %TEMP%\dc.exe
- %PROGRAM_FILES%\Outlook Express\x14x.exe
- %TEMP%\14xxpp.exe
- Запуск командного файла через cmd.exe: <SYSTEM32>\cmd.exe /c ""%PROGRAM_FILES%\outlook express\windows3.bat" "
- %PROGRAM_FILES%\Outlook Express\14xxp.exe
- %TEMP%\backdoor.log
- %TEMP%\dc.exe
- %TEMP%\14xxpp.exe
- %PROGRAM_FILES%\Outlook Express\windows3.bat
- %PROGRAM_FILES%\Outlook Express\WINDOWS3.PIF
- %PROGRAM_FILES%\Outlook Express\x14x.exe
- Сетевой адрес (узел:порт): 'to##.zapto.org':9123
- DNS-запрос (DNS ASK): to##.zapto.org
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''