Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'TeeHeeReg' = '%WINDIR%\winlog.exe'
- %WINDIR%\winlog.exe \erit "<Полный путь к вирусу>"
- %WINDIR%\kaurs.kaf
- %WINDIR%\WinMemoryAsgn1256736642.exe
- %WINDIR%\winlog.exe
- %WINDIR%\winlog.exe
- %WINDIR%\WinMemoryAsgn1256736642.exe
- 'fd#.###dns-at-work.com':3175
- DNS ASK fd#.###dns-at-work.com