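Техническая информация
Ниже по порядку перечислены: запись автозапуска в реестре, командная строка процесса, пути файлов, сетевые узлы с портами, URL-адреса запросов, DNS-запросы и классы окон. Символы «#» в именах узлов и в параметрах запросов замещают часть значения (маскировка) и не входят в сами значения.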
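- Автозапуск при входе пользователя в систему (ключ Run в HKCU; наличие параметра 'Internet Helper Service' можно использовать для проверки): [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Internet Helper Service' = '%HOMEPATH%\machinadeus\<Имя вируса>.exe'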
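- '<SYSTEM32>\wbem\wmiadap.exe' /R /T (при расположении в <SYSTEM32> это штатный компонент WMI из состава Windows; его запуск сам по себе не является признаком заражения)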
- %HOMEPATH%\machinadeus\<Имя вируса>.exe
- %HOMEPATH%\machinadeus\<Имя вируса>.exe
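- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
  (оба файла относятся к счётчикам производительности и, как правило, появляются при работе wmiadap.exe; как самостоятельные индикаторы ненадёжны)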
- 'localhost':1041
- 'www.li###ucks.com':80
- 'ad##c.us':80
- 'wp#d':80
- 'my##nc.com':80
- 'hi##eap.com':80
- www.li###ucks.com/A75NY
- ad##c.us/2615791
- hi##eap.com/log-in
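- wp#d/wpad.dat (по-видимому, запрос автообнаружения прокси WPAD; такие обращения типичны для системного сетевого стека и сами по себе не указывают на заражение)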
- my##nc.com//botReport.php?ui################################################################################ (значение параметра замаскировано; судя по имени сценария, это отчёт образца на удалённый сервер)
- hi##eap.com/log-in
- DNS ASK www.li###ucks.com
- DNS ASK ad##c.us
- DNS ASK hi##eap.com
- DNS ASK wp#d
- DNS ASK my##nc.com
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''