Техническая информация
- winhost.exe
- firefox.exe
- iexplore.exe
- [<HKCU>\Software\Yahoo\pager]
- [<HKCU>\Software\IMVU\username]
- [<HKCU>\Software\IMVU\password]
- [<HKCU>\Software\Paltalk]
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FTP Commander\]
- ClassName: '', WindowName: 'Yahoo! Messenger'
- %TEMP%\krvjiybe.exe
- %TEMP%\winhost.exe
- http://br#####ro.freeiz.com/index.php?ac############################################################################################################
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- DNS ASK br#####ro.freeiz.com
- DNS ASK 00###bhost.com
- DNS ASK microsoft.com
- '%TEMP%\krvjiybe.exe'
- '%TEMP%\winhost.exe'