Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'HBlock' = '%PROGRAM_FILES%\Target Web ADS\TargetWebADSh.exe'
- %WINDIR%\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
- %PROGRAM_FILES%\Target Web ADS\TargetWebADSb.exe
- %PROGRAM_FILES%\Target Web ADS\TargetWebADSh.exe
- %PROGRAM_FILES%\Target Web ADS\TargetWebADSb.exe
- %PROGRAM_FILES%\Target Web ADS\Uninstall.exe
- %PROGRAM_FILES%\Target Web ADS\TargetWebADS.dll
- %PROGRAM_FILES%\Target Web ADS\TargetWebADSh.exe
- %WINDIR%\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
- 'se####zoeken.com':80
- 'zo####earching.com':80
- 'im#####epository.com':80
- se####zoeken.com/ad_type.php
- zo####earching.com/borders.php
- DNS ASK se####zoeken.com
- DNS ASK zo####earching.com
- DNS ASK im#####epository.com
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''