Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{88EB3725-F97E-4C37-9CE8-0A928A20320C}] 'StubPath' = '"%APPDATA%\Google Products\Defrag.exe" -w'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Google Products' = '"%APPDATA%\Google Products\Defrag.exe" -w'
- '%APPDATA%\Google Products\Defrag.exe'
- '%APPDATA%\Google Products\Defrag.exe' -w
- '%APPDATA%\Google Products\Defrag.exe' -m "<Полный путь к вирусу>"
- %APPDATA%\Google Products\Defrag.exe
- %APPDATA%\Google Products\Defrag.exe
- 'bi###utod.ru':443
- DNS ASK bi###utod.ru