Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'MalwareRemoval' = '%PROGRAM_FILES%\MalwareRemoval\MalwareRemoval.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'MalwareKiller' = '%PROGRAM_FILES%\MalwareRemoval\MalwareKiller.exe'
- '%PROGRAM_FILES%\MalwareRemoval\MalwareKiller.exe'
- %PROGRAM_FILES%\MalwareRemoval\Uninstall.exe
- %PROGRAM_FILES%\MalwareRemoval\Security Center.exe
- %PROGRAM_FILES%\MalwareRemoval\MalwareRemoval.exe
- %APPDATA%\<Имя вируса>\spl.ini
- %PROGRAM_FILES%\MalwareRemoval\MalwareKiller.exe
- 'wo####ominators.com':80
- http://wo####ominators.com/
- DNS ASK wo####ominators.com
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''