Техническая информация
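Записи реестра. Ключи Run и RunOnce задают автозапуск при входе пользователя в систему (RunOnce — однократно); в ключе Services значение Start = 0 соответствует запуску на этапе загрузки системы. Имя параметра 'svchosts' похоже на имя системного процесса svchost, но указывает на JavaBr.exe. Во второй записи имя и значение параметра в источнике пустые.
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'svchosts' = '<SYSTEM32>\JavaBr.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] 'Cleanup' = 'C:\cleanup.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\wrwo] 'Start' = '00000000'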
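Командные строки и пути к файлам. Некоторые пути ниже повторяются: по-видимому, они относились к разным разделам исходного описания, заголовки которых не сохранились.
- C:\kill.exe /nogui c:\Metendo.txt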
- C:\cleanup.bat
- C:\zip.exe
- <SYSTEM32>\JavaBr.exe
- C:\cleanup.exe
- C:\kill.exe
- C:\Metendo.txt
- <DRIVERS>\wnksyoob.sys
- <SYSTEM32>\nfqjxvss.txt
- C:\zip.exe
- C:\cleanup.bat
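Сетевой адрес и порт (80 — стандартный порт HTTP; направление соединения в сохранившемся тексте не указано):
- '<IP-адрес в локальной сети>':80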