Техническая информация
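- Автозапуск — значение в ключе реестра Run (HKLM), запускающее файл при входе пользователя в систему: [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Java' = '%APPDATA%\Java\Java Name.exe'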
- '%APPDATA%\Java\Java Name.exe'
- '%TEMP%\2.exe'
- '%TEMP%\1.exe'
- %TEMP%\2.exe
- %APPDATA%\Java\Java Name.exe
- %APPDATA%\Java\Set.bin
- %TEMP%\28AB2.dmp
- %TEMP%\Temp.~exe
- %TEMP%\1.exe
- %TEMP%\dw.log
- %TEMP%\Temp.~exe
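- Соединение с 'ro####od.freeiz.com':80 (символы «#» — по-видимому, маскировка части имени в отчёте, поэтому точное имя узла по этой записи не восстанавливается)
- Соединение с 'wp#d':80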
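- HTTP-запрос: ro####od.freeiz.com/ip.php
- HTTP-запрос: wp#d/wpad.dat (судя по имени файла wpad.dat, это, вероятно, штатное автообнаружение прокси WPAD, а не специфичный для образца индикатор — стоит проверить перед использованием в правилах обнаружения)
- HTTP-запрос: ro####od.freeiz.com/connect.php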
- DNS-запрос (DNS ASK): ro####od.freeiz.com
- DNS-запрос (DNS ASK): wp#d
- Обращение к окну (вероятно, поиск по имени класса): ClassName: 'Shell_TrayWnd' (класс окна панели задач Windows) WindowName: '(null)'