Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'tvncontrol' = '"%TEMP%\tvnserver.exe" -controlservice -slave'
- [<HKLM>\SYSTEM\ControlSet001\Services\tvnserver] 'Start' = '00000002'
- '%TEMP%\tvnserver.exe' -install -silent
- '%TEMP%\tvnserver.exe' -stop -silent
- '%TEMP%\tvnserver.exe' -remove -silent
- '%TEMP%\Destek.exe' P
- '%TEMP%\guncelle.exe' 1 uzakbaglanti 1.11
- '%WINDIR%\regedit.exe' /s %TEMP%\Reg.reg
- %TEMP%\PLibrary.dll
- %TEMP%\Reg.reg
- %TEMP%\Destek.exe
- %TEMP%\guncelle.exe
- %TEMP%\tvnserver.exe
- %TEMP%\tvnviewer.exe
- %TEMP%\screenhooks32.dll
- %TEMP%\set.mst
- 'su#####.uzakbaglanti.com':8087
- 'www.me####azilim.com':80
- www.me####azilim.com/guncelle/guncelleme.php?ad#######################
- DNS ASK su#####.uzakbaglanti.com
- DNS ASK www.me####azilim.com
- ClassName: 'RegEdit_RegEdit' WindowName: ''
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''