Техническая информация
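- [<HKLM>\SYSTEM\ControlSet001\Services\42247758] 'Start' = '00000002' (значение 2 — автоматический запуск при старте системы; имя службы совпадает с именем файла <DRIVERS>\42247758.sys из списка ниже)
- [<HKLM>\SYSTEM\ControlSet001\Services\3e8f42de] 'Start' = '00000002' (значение 2 — автоматический запуск при старте системы; имя службы совпадает с именем файла <DRIVERS>\3e8f42de.sys из списка ниже)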
- <SYSTEM32>\midimap.dll заменяется файлом <SYSTEM32>\midimap.dll
- <SYSTEM32>\wshtcpip.dll заменяется файлом <SYSTEM32>\wshtcpip.dll
- '<SYSTEM32>\cmd.exe' /c %TEMP%\Coor.bat
- '<SYSTEM32>\regsvr32.exe' /s /c <SYSTEM32>\kakutk.dll
- %TEMP%\Hur.dll
- %TEMP%\nhsu7s.dll
- <SYSTEM32>\naverdsb.dll
- %TEMP%\Coor.bat
- <DRIVERS>\42247758.sys
- %TEMP%\C1.zip
- <DRIVERS>\3e8f42de.sys
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\mail[1].asp
- <SYSTEM32>\kakutk.dll
- %TEMP%\B1.zip
- %TEMP%\A1.zip
- <DRIVERS>\42247758.sys
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\mail[1].asp
- <SYSTEM32>\midimap.dll в %TEMP%\e2uqebs
- <SYSTEM32>\wshtcpip.dll в <SYSTEM32>\uaffR
- '19#.#05.210.187':80
- 19#.#05.210.187/kaixin/mail.asp?ma#############################################################################################################################
- ClassName: 'Indicator' WindowName: ''