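Техническая информация
Подзаголовки разделов в этом списке, по-видимому, утрачены; ниже перечислены индикаторы поведения образца. Записи реестра (Run, Policies\Explorer\Run, Active Setup\Installed Components) и файл в папке Startup — это точки автозапуска, которые проверяют при поиске закрепления в системе. Далее идут пути к файлам и процессам (какая операция с ними выполнялась — запуск, создание или удаление — из списка не видно), сетевые адреса с портами, HTTP- и DNS-запросы (символы «#», по-видимому, скрывают часть символов адреса), а также имена классов окон.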
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'server' = 'C:\Extracted\26056_1.exe'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{05I41M56-QW07-U20F-YX8T-VB4U6TP4UX63}] 'StubPath' = '"%PROGRAM_FILES%\iNTERNET eXPLORER\IEXPLORE.EXE"'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'server' = 'C:\Extracted\26056_1.exe'
- %HOMEPATH%\Start Menu\Programs\Startup\movei.exe
- 'C:\Extracted\WeB BroWsEr With ProXy.exe'
- 'C:\Extracted\26056_1.exe'
- %WINDIR%\Explorer.EXE
- C:\Extracted\WeB BroWsEr With ProXy.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\myhome[1].php
- %TEMP%\sfx.ini
- C:\Extracted\26056_1.exe
- %TEMP%\sfx.ini
- 'www.sh###search.com':80
- 'localhost':1039
- 'w2#.#o-ip.info':3340
- www.sh###search.com/myhome.php?st#################################
- DNS ASK www.sh###search.com
- DNS ASK w2#.#o-ip.info
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''