Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Update.exe' = '"%TEMP%\Secure-Soft Stealer\Update.exe"'
- %HOMEPATH%\Start Menu\Programs\Startup\winlogon.pif
- '%TEMP%\Secure-Soft Stealer\Update.exe'
- '%TEMP%\3hi0doqx.jqn.$$$$$$$$$'
- '<SYSTEM32>\wscript.exe' "%TEMP%\Autorun.vbs"
- '<SYSTEM32>\attrib.exe' +H +A +S "<Полный путь к вирусу>"
- ICQ.exe
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Trillian]
- [<HKLM>\SOFTWARE\Miranda]
- [<HKCU>\Software\FTPWare\COREFTP\Sites]
- %TEMP%\Autorun.vbs
- %TEMP%\Secure-Soft Stealer\Update.exe
- %TEMP%\3hi0doqx.jqn.$$$$$$$$$
- <Полный путь к вирусу>
- 'be######-izle.site90.net':80
- be######-izle.site90.net/kanallar/haber/sevdim/sevmedim/ne%20alakaamk/creater.php
- DNS ASK be######-izle.site90.net
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''