Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'MalwareRemovalBot' = '<Текущая директория>\MalwareRemovalBot.exe -boot'
- %WINDIR%\Tasks\MalwareRemovalBot Scheduled Scan.job
- %APPDATA%\MalwareRemovalBot\Log\2014 Dec 01 - 01_26_05 AM_250.log
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\info[1]
- 'sp#####db3.2squared.com':80
- sp#####db3.2squared.com/update/info
- DNS ASK sp#####db3.2squared.com
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''