Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'vnet' = '%ALLUSERSPROFILE%\Start Menu\Programs\Startup\Chrome.exe'
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\Chrome.exe
- '%HOMEPATH%\Local Settings\Tempserver.exe'
- '%WINDIR%\ptKhtZpcwqD5w2ONRBID.exe'
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch.new
- %HOMEPATH%\Local Settings\Tempserver.exe
- %WINDIR%\ptKhtZpcwqD5w2ONRBID.exe
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch.new
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\tasks[1].php
- из %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch.new в %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch
- из %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch.new в %WINDIR%\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch
- 'www.me####e.netai.ne':80
- www.me####e.netai.ne/WebPanel/adduser.php?ui###############################################################################################################################################################
- www.me####e.netai.ne/WebPanel/tasks.php?ui###################################################
- DNS ASK www.me####e.netai.ne
- ClassName: 'Indicator' WindowName: ''