Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'VMJAVA.exe' = '%WINDIR%\VMJAVA.exe' (запись в ключе Run обеспечивает автозапуск файла при входе пользователя в систему)
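- Центр обеспечения безопасности (Security Center): отключаются его уведомления о состоянии брандмауэра и антивируса (параметры FirewallDisableNotify и AntiVirusDisableNotify, см. команды reg.exe ниже)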
- '%APPDATA%\UniversalAciveSystem.exe'
- '<SYSTEM32>\reg.exe' ADD "HKLM\Software\Microsoft\Security Center" /v FirewallDisableNotify /t REG_DWORD /d 0x00000001 /f
- '<SYSTEM32>\reg.exe' ADD "HKLM\Software\Microsoft\Security Center" /v AntiVirusDisableNotify /t REG_DWORD /d 0x00000001 /f
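- '<SYSTEM32>\reg.exe' ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v AutoConfigUrl /d Z /f (параметр AutoConfigUrl задаёт адрес сценария автоматической настройки прокси (PAC) для текущего пользователя; при лечении системы это значение следует проверить и восстановить)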
- %WINDIR%\VMJAVA.exe
- %WINDIR%\VMJAVA.log
- C:\VMJAVA.exe
- %APPDATA%\UniversalAciveSystem.exe
- %WINDIR%\Active.bat
- %WINDIR%\Active2.bat
- %WINDIR%\Active2.bat
- %WINDIR%\VMJAVA.log
- %WINDIR%\VMJAVA.exe
- %WINDIR%\Active.bat
- 'www.in####ilconta.info':80
- www.in####ilconta.info/T7PN83A07U244811FDL2/?MD##################################
- www.in####ilconta.info/T7PN83A07U244811FDL2/Z
- DNS ASK www.in####ilconta.info
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''