Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'WinTouch' = '%PROGRAM_FILES%\WinTouch\WinTouch.exe'
- %PROGRAM_FILES%\WinTouch\WinTouch.exe (загружен из сети Интернет) /install
- %WINDIR%\xblvs.exe (загружен из сети Интернет)
- %PROGRAM_FILES%\WinTouch\WinTouch.exe
- %TEMP%\WinTouch.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\upd[1].php
- %WINDIR%\xblvs.exe
- %TEMP%\xblvs.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\upd[1].php
- %PROGRAM_FILES%\WinTouch\wintouch.cfg
- %TEMP%\wintouch.cfg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\upd[1].php
- %PROGRAM_FILES%\WinTouch\WTUninstaller.exe
- %TEMP%\WTUninstaller.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\upd[1].php
- %TEMP%\WinTouch.exe
- %TEMP%\xblvs.exe
- %TEMP%\wintouch.cfg
- %TEMP%\WTUninstaller.exe
- 'www.wi###ouch.com':80
- www.wi###ouch.com/upd.php?wt####################################################################################################
- www.wi###ouch.com/upd.php?wt####################################
- DNS ASK www.wi###ouch.com