Trojan.Siggen21.7711

Техническая информация

Для обеспечения автозапуска и распространения

Создает или изменяет следующие файлы

<SYSTEM32>\tasks\telamon cleaner

Изменения в файловой системе

Создает следующие файлы

%TEMP%\tt-inst-sc.txt
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\incognito.22373559.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\incognito.7c0050fd.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\info.5bd06285.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\info.f900f4bc.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\language.a6f8ad28.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\large-files-active.017fed25.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\large-files.6b7da8c8.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\large.edee2d49.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\large_success.ec6f36b9.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\last-pages.715ac269.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\launch-active.fa70a186.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\graph.f69674ba.png
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\hide.15164ec9.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\launch.3c193b4e.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\link.3dd0e581.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\link.6032efb0.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\link.626d08ba.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\link.8e0a1901.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\link.9682f50c.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\link.a8b349ae.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\link.df9cc295.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\lock.d6e850fb.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\menu-options.a8e3940f.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\minus.db59129a.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\notification-active.6140a5c1.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\license-activation.bbff544b.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\link.38b2b97f.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\expansion.2379eba9.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\error.309215c1.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\error.26262d77.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\alert.52af01f8.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\alert.5b6ae652.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\alert.ab3d2628.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\archive.6aff718f.png
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\basket-active.410c4913.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\basket.08447196.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\basket.28ef3a64.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\basket.811779cf.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\basket.c292ac3b.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\basket.e14fd4a6.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\basket_success.b509a21c.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\bg.1ba952b6.png
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\alert.1191a968.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\cache-active.231ac69a.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\cache.653c3b8e.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\cache.8df1f6f6.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\cache.edee2d49.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\cart.45a17efe.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\check.27e8057d.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\check.83248ed0.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\check.8ae6b365.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\check.a0e8b0a5.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\check.a47976cf.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\check.cb5943eb.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\close.a937cef6.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\error.20480913.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\cache.170ed16b.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\notification.a48d7bfd.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\optimizing-active.4f64d5b9.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\optimizing.0a808f2d.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\optimizing.7e7d3b28.svg
%ALLUSERSPROFILE%\telamon cleaner\logs\tt-cln-app-2023-07-10-18-57-32.log
%HOMEPATH%\desktop\telamon cleaner.lnk
%APPDATA%\microsoft\windows\start menu\programs\telamon cleaner\telamon cleaner.lnk
%APPDATA%\microsoft\internet explorer\quick launch\user pinned\taskbar\telamon cleaner.lnk
%APPDATA%\microsoft\windows\start menu\programs\telamon cleaner\telamon cleaner uninstall.lnk
%ALLUSERSPROFILE%\telamon cleaner\stat.tt
%ALLUSERSPROFILE%\telamon cleaner\logs\tt-cln-app-2023-07-10-18-57-44.log
%WINDIR%\temp\cabd265.tmp
%WINDIR%\temp\tard266.tmp
%WINDIR%\temp\cabd380.tmp
%WINDIR%\temp\tard381.tmp
%WINDIR%\temp\cabd3e0.tmp
%WINDIR%\temp\tard3f0.tmp
%WINDIR%\temp\cabd430.tmp
%WINDIR%\temp\tard431.tmp
%WINDIR%\temp\cabd470.tmp
%WINDIR%\temp\tard471.tmp
%WINDIR%\temp\cabd4c0.tmp
%WINDIR%\temp\tard4c1.tmp
%WINDIR%\temp\cabd58d.tmp
%WINDIR%\temp\tard58e.tmp
%WINDIR%\temp\cabd5dd.tmp
%WINDIR%\temp\tard5de.tmp
%WINDIR%\temp\cabd6e8.tmp
%WINDIR%\temp\tard6e9.tmp
%WINDIR%\temp\cabd767.tmp
%WINDIR%\temp\tard768.tmp
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\virus_success.2d216ac1.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\virus.f2fabc80.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\virus_error.28529d0d.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\virus.56b6669e.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\pause.e89bd789.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\pause.f7005af9.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\plus.1eb6b2e6.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\refresh.3c1a10bd.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\registry-active.6951662d.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\registry.09ceb769.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\registry.302526f5.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\registry.8cd67b72.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\registry.e844022a.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\registry_success.efbf644e.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\rubik-light.7a06846b.ttf
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\rubik-regular.b3d0902b.ttf
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\settings.8f73e050.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\small-check.2f9d4c4f.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\smart-scan-active.b8f17045.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\smart-scan.e0f5b03c.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\stop.e89bd789.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\system-trash-active.7c4a1fe2.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\system-trash.a3d98939.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\uninstall-active.feb5fa6a.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\uninstall.15dd42e9.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\uninstall.bb48c0e2.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\uninstall.edfbf689.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\updates.63740790.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\virus-active.35307143.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\virus.0391572d.svg
%ALLUSERSPROFILE%\telamon cleaner\ui\static\media\virus.39255d86.svg
%WINDIR%\temp\cabd872.tmp
%ALLUSERSPROFILE%\telamon cleaner\ui\static\js\runtime-main.c2f949a0.js.map
%ALLUSERSPROFILE%\telamon cleaner\ui\static\js\runtime-main.c2f949a0.js
%ALLUSERSPROFILE%\telamon cleaner\ui\static\js\main.e31c6497.chunk.js.map
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-core-synch-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-core-synch-l1-2-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-core-sysinfo-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-core-timezone-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-core-util-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-core-xstate-l2-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-crt-conio-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-crt-convert-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-crt-environment-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-crt-filesystem-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-crt-heap-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-core-rtlsupport-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-core-string-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-crt-locale-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-crt-private-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-crt-process-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-crt-runtime-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-crt-stdio-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-crt-string-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-crt-time-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-crt-utility-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\concrt140.dll
%ALLUSERSPROFILE%\telamon cleaner\d3dcompiler_47.dll
%ALLUSERSPROFILE%\telamon cleaner\libcurl.dll
%ALLUSERSPROFILE%\telamon cleaner\libegl.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-crt-math-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-crt-multibyte-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-core-profile-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-core-processthreads-l1-1-1.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-core-processthreads-l1-1-0.dll
%WINDIR%\temp\cab9684.tmp
%WINDIR%\temp\tar9685.tmp
%WINDIR%\temp\cab9c12.tmp
%WINDIR%\temp\tar9c13.tmp
%WINDIR%\temp\cab9c81.tmp
%WINDIR%\temp\tar9c82.tmp
%WINDIR%\temp\cab9dea.tmp
%WINDIR%\temp\tar9deb.tmp
%WINDIR%\temp\cabdb0b.tmp
%WINDIR%\temp\tardb0c.tmp
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-core-console-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-core-console-l1-2-0.dll
%TEMP%\ttclninst\tmp\sciter.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-core-datetime-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-core-errorhandling-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-core-file-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-core-file-l1-2-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-core-file-l2-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-core-handle-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-core-heap-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-core-interlocked-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-core-libraryloader-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-core-localization-l1-2-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-core-memory-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-core-namedpipe-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-core-processenvironment-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\api-ms-win-core-debug-l1-1-0.dll
%ALLUSERSPROFILE%\telamon cleaner\libglesv2.dll
%ALLUSERSPROFILE%\telamon cleaner\mrmsupport.dll
%ALLUSERSPROFILE%\telamon cleaner\msvcp140.dll
%ALLUSERSPROFILE%\telamon cleaner\msvcp140_1.dll
%ALLUSERSPROFILE%\telamon cleaner\images\threat_notification_black_border_blank_buy_button.png
%ALLUSERSPROFILE%\telamon cleaner\images\trial_alert.png
%ALLUSERSPROFILE%\telamon cleaner\images\uninstall_offer.png
%ALLUSERSPROFILE%\telamon cleaner\images\update_offer.gif
%ALLUSERSPROFILE%\telamon cleaner\language\english.lng
%ALLUSERSPROFILE%\telamon cleaner\language\russian.lng
%ALLUSERSPROFILE%\telamon cleaner\language\spanish.lng
%ALLUSERSPROFILE%\telamon cleaner\platforms\qwindows.dll
%ALLUSERSPROFILE%\telamon cleaner\resources\icudtl.dat
%ALLUSERSPROFILE%\telamon cleaner\resources\qtwebengine_devtools_resources.pak
%ALLUSERSPROFILE%\telamon cleaner\resources\qtwebengine_resources.pak
%ALLUSERSPROFILE%\telamon cleaner\resources\qtwebengine_resources_100p.pak
%ALLUSERSPROFILE%\telamon cleaner\resources\qtwebengine_resources_200p.pak
%ALLUSERSPROFILE%\telamon cleaner\styles\qwindowsvistastyle.dll
%ALLUSERSPROFILE%\telamon cleaner\translations\qtwebengine_locales\en-us.pak
%ALLUSERSPROFILE%\telamon cleaner\ui\asset-manifest.json
%ALLUSERSPROFILE%\telamon cleaner\ui\favicon.ico
%ALLUSERSPROFILE%\telamon cleaner\ui\index.html
%ALLUSERSPROFILE%\telamon cleaner\ui\manifest.json
%ALLUSERSPROFILE%\telamon cleaner\ui\precache-manifest.4791a96b40638b7bce1fa8447902dea9.js
%ALLUSERSPROFILE%\telamon cleaner\ui\qwebchannel.js
%ALLUSERSPROFILE%\telamon cleaner\ui\robots.txt
%ALLUSERSPROFILE%\telamon cleaner\ui\service-worker.js
%ALLUSERSPROFILE%\telamon cleaner\ui\static\css\main.72a5c625.chunk.css
%ALLUSERSPROFILE%\telamon cleaner\ui\static\css\main.72a5c625.chunk.css.map
%ALLUSERSPROFILE%\telamon cleaner\ui\static\js\2.010f4851.chunk.js
%ALLUSERSPROFILE%\telamon cleaner\ui\static\js\2.010f4851.chunk.js.map
%ALLUSERSPROFILE%\telamon cleaner\images\special_next_event_offer.png
%ALLUSERSPROFILE%\telamon cleaner\images\payment_offer.png
%ALLUSERSPROFILE%\telamon cleaner\images\special_event_offer.gif
%ALLUSERSPROFILE%\telamon cleaner\images\block_offer_black_border_blank_buy_button.png
%ALLUSERSPROFILE%\telamon cleaner\msvcp140_2.dll
%ALLUSERSPROFILE%\telamon cleaner\opengl32sw.dll
%ALLUSERSPROFILE%\telamon cleaner\qt5core.dll
%ALLUSERSPROFILE%\telamon cleaner\qt5gui.dll
%ALLUSERSPROFILE%\telamon cleaner\qt5network.dll
%ALLUSERSPROFILE%\telamon cleaner\qt5positioning.dll
%ALLUSERSPROFILE%\telamon cleaner\qt5printsupport.dll
%ALLUSERSPROFILE%\telamon cleaner\qt5qml.dll
%ALLUSERSPROFILE%\telamon cleaner\qt5qmlmodels.dll
%ALLUSERSPROFILE%\telamon cleaner\qt5quick.dll
%ALLUSERSPROFILE%\telamon cleaner\qt5quickwidgets.dll
%ALLUSERSPROFILE%\telamon cleaner\qt5webchannel.dll
%ALLUSERSPROFILE%\telamon cleaner\qt5webenginecore.dll
%ALLUSERSPROFILE%\telamon cleaner\qt5webenginewidgets.dll
%ALLUSERSPROFILE%\telamon cleaner\qt5widgets.dll
%ALLUSERSPROFILE%\telamon cleaner\qt5winextras.dll
%ALLUSERSPROFILE%\telamon cleaner\qtwebengineprocess.exe
%ALLUSERSPROFILE%\telamon cleaner\tt-cleaner.exe
%ALLUSERSPROFILE%\telamon cleaner\ucrtbase.dll
%ALLUSERSPROFILE%\telamon cleaner\vccorlib140.dll
%ALLUSERSPROFILE%\telamon cleaner\vcruntime140.dll
%ALLUSERSPROFILE%\telamon cleaner\zlib1.dll
%ALLUSERSPROFILE%\telamon cleaner\config\autorunconfig.xml
%ALLUSERSPROFILE%\telamon cleaner\fonts\proximanova-regular.ttf
%ALLUSERSPROFILE%\telamon cleaner\fonts\rubik-regular.ttf
%ALLUSERSPROFILE%\telamon cleaner\imageformats\qgif.dll
%ALLUSERSPROFILE%\telamon cleaner\images\after_activation.png
%ALLUSERSPROFILE%\telamon cleaner\ui\static\js\main.e31c6497.chunk.js
%WINDIR%\temp\tard873.tmp

Удаляет следующие файлы

%WINDIR%\temp\cab9684.tmp
%WINDIR%\temp\tard768.tmp
%WINDIR%\temp\cabd767.tmp
%WINDIR%\temp\tard6e9.tmp
%WINDIR%\temp\cabd6e8.tmp
%WINDIR%\temp\tard5de.tmp
%WINDIR%\temp\cabd5dd.tmp
%WINDIR%\temp\tard58e.tmp
%WINDIR%\temp\cabd58d.tmp
%WINDIR%\temp\tard4c1.tmp
%WINDIR%\temp\cabd4c0.tmp
%WINDIR%\temp\tard471.tmp
%WINDIR%\temp\cabd470.tmp
%WINDIR%\temp\tard431.tmp
%WINDIR%\temp\cabd430.tmp
%WINDIR%\temp\cabd872.tmp
%WINDIR%\temp\tard3f0.tmp
%WINDIR%\temp\tard381.tmp
%WINDIR%\temp\cabd380.tmp
%WINDIR%\temp\tard266.tmp
%WINDIR%\temp\cabd265.tmp
%ALLUSERSPROFILE%\telamon cleaner\stat.tt
%WINDIR%\temp\tardb0c.tmp
%WINDIR%\temp\cabdb0b.tmp
%WINDIR%\temp\tar9deb.tmp
%WINDIR%\temp\cab9dea.tmp
%WINDIR%\temp\tar9c82.tmp
%WINDIR%\temp\cab9c81.tmp
%WINDIR%\temp\tar9c13.tmp
%WINDIR%\temp\cab9c12.tmp
%WINDIR%\temp\tar9685.tmp
%WINDIR%\temp\cabd3e0.tmp
%WINDIR%\temp\tard873.tmp

Сетевая активность

Подключается к

'ap#.##plitude.com':443
'up####.#elamoncleaner.com':443
'co####.#elamoncleaner.com':443
'ti##.##lamoncleaner.com':80
'ti##.##lamoncleaner.com':443
'oc##.#ectigo.com':80
'up####.#elamoncleaner.com':80
'pb.####moncleaner.com':443
'st##.##lamoncleaner.com':443
'x1.#.lencr.org':80
'r3.#.lencr.org':80

TCP

Запросы HTTP GET

http://ti##.##lamoncleaner.com/
http://oc##.#ectigo.com/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRDC9IOTxN6GmyRjyTl2n4yTUczyAQUjYxexFStiuF36Zv5mwXhuAGNYeECEQCosMMFV76EKwZ41Nt01Kv1
http://x1.#.lencr.org/
http://r3.#.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBRI2smg%2ByvTLU%2Fw3mjS9We3NfmzxAQUFC6zF7dYVsuuUAlA5h%2BvnYsUwsYCEgOAYudOeHlZ9Njsvg1PvFd9%2Bw%3D%3D

Другие

'ap#.##plitude.com':443
'up####.#elamoncleaner.com':443
'pb.####moncleaner.com':443

UDP

DNS ASK ap#.##plitude.com
DNS ASK up####.#elamoncleaner.com
DNS ASK co####.#elamoncleaner.com
DNS ASK ti##.##lamoncleaner.com
DNS ASK oc##.#ectigo.com
DNS ASK pb.####moncleaner.com
DNS ASK st##.##lamoncleaner.com
DNS ASK x1.#.lencr.org
DNS ASK r3.#.lencr.org

Другое

Создает и запускает на исполнение

'%ALLUSERSPROFILE%\telamon cleaner\tt-cleaner.exe' "--install" "--clid=" "--partner=np" "--l=b"
'%ALLUSERSPROFILE%\telamon cleaner\tt-cleaner.exe'
'%WINDIR%\syswow64\schtasks.exe' /create /sc "onlogon" /tn "Telamon Cleaner" /tr "\"%ALLUSERSPROFILE%\Telamon Cleaner\tt-cleaner.exe\" --autorun" /rl "highest"' (со скрытым окном)
'%WINDIR%\syswow64\schtasks.exe' /create /tn "Telamon Cleaner Autorun After Wake Up" /XML "%ALLUSERSPROFILE%\Telamon Cleaner\config\autorunConfig.xml"' (со скрытым окном)

Запускает на исполнение

'%WINDIR%\syswow64\schtasks.exe' /create /sc "onlogon" /tn "Telamon Cleaner" /tr "\"%ALLUSERSPROFILE%\Telamon Cleaner\tt-cleaner.exe\" --autorun" /rl "highest"
'%WINDIR%\syswow64\schtasks.exe' /create /tn "Telamon Cleaner Autorun After Wake Up" /XML "%ALLUSERSPROFILE%\Telamon Cleaner\config\autorunConfig.xml"

Технологии

Термины

Обучение и просвещение

Мифы

Техническая информация

Рекомендации по лечению

Демо бесплатно на 14 дней