Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'FlashPlugin' = '%APPDATA%\Microsoft\FlashPlugin.exe'
- Средство контроля пользовательских учетных записей (UAC)
- opera.exe
- chrome.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\manifest[1].json
- C:\ikpfkoidll\logo.png
- %APPDATA%\Microsoft\FlashPlugin.exe
- C:\ikpfkoidll\manifest.json
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\background[1].js
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\kontrol[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\logo[1].png
- C:\ikpfkoidll\background.js
- 'www.wj##php.com':80
- 'localhost':1036
- www.wj##php.com/x/logo.png
- www.wj##php.com/x/manifest.json
- www.wj##php.com/x/kontrol.txt
- www.wj##php.com/x/background.js
- DNS ASK www.wj##php.com
- ClassName: 'Indicator' WindowName: '(null)'