Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'SystemDrivers32' = '"%APPDATA%\SystemDriversReserved\pikigoqa.exe"' (запись автозапуска: указанный файл запускается при каждом входе этого пользователя в систему)
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\svchost.exe'
- firefox.exe
- iexplore.exe
- %APPDATA%\SystemDriversReserved\pikigoqa.exe
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
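- 'pa##ik.ir':80 (символы «#» здесь и в строках ниже, судя по всему, скрывают часть имени домена и параметра запроса; для поиска по журналам DNS и прокси нужны полные значения)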
- pa##ik.ir/desire/ntartup.php?id##################################
- DNS ASK pa##ik.ir
- ClassName: 'Indicator' WindowName: ''