Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'helperTumucumaque' = '%PROGRAM_FILES%\firefox\uninstall\tumucumaquehelper.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] 'SystemWindows' = '%PROGRAM_FILES%\internet explorer\iedwwindows.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'FrameworkMicrosoft' = '%PROGRAM_FILES%\internet explorer\mui\0409\frameworkmicrosoft.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '<Имя вируса>' = '<Полный путь к вирусу>'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] '<Имя вируса>' = '<Полный путь к вирусу>'
- <Служебный элемент>
- %PROGRAM_FILES%\FireFox\uninstall\Tumucumaquehelper.exe
- %PROGRAM_FILES%\Internet Explorer\MUI\0409\FrameworkMicrosoft.exe
- %PROGRAM_FILES%\Internet Explorer\iedwWindows.exe
- 'localhost':1039
- DNS ASK google.com
- DNS ASK ya##o.com
- DNS ASK ht#####bhistorysite.us
- DNS ASK 13#######3.web-testkeyboard.eu
- DNS ASK 13#######9.web-testkeyboard.eu