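Техническая информация (индикаторы ниже: запись автозапуска в ключе реестра Run, пути к файлам в %APPDATA% и %TEMP%, сетевые обращения и параметры окна; символы «###» в имени домена, по-видимому, скрывают его часть, поэтому для точного сопоставления домен в таком виде не подходит)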
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'windefender' = '%APPDATA%\Install\windefender.exe'
- '%APPDATA%\Install\windefender.exe'
- %APPDATA%\Install\ntfs.dat
- %TEMP%\nsx2.tmp\System.dll
- %TEMP%\nsi4.tmp\System.dll
- %APPDATA%\Install\windefender.exe
- %TEMP%\Hizumuma.dll
- %TEMP%\mirijiqa.dll
- %TEMP%\xivoqeji.dll
- %TEMP%\Jijaze.axo
- %TEMP%\mirijiqa.dll
- %TEMP%\Jijaze.axo
- %TEMP%\nsi4.tmp\System.dll
- %TEMP%\nsx2.tmp\System.dll
- %TEMP%\Hizumuma.dll
- %TEMP%\xivoqeji.dll
- '88###dro.net':80
- http://88###dro.net/insider/loading.php
- DNS ASK 88###dro.net
- ClassName: 'Indicator' WindowName: ''