Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'btss' = '%PROGRAM_FILES%\WIDCOMM\Bluetooth Software\btss.exe'
- '<SYSTEM32>\attrib.exe' -h "<Полный путь к вирусу>"
- '<SYSTEM32>\cmd.exe' /c <Текущая директория>\deleteself.bat
- <Текущая директория>\deleteself.bat
- %PROGRAM_FILES%\WIDCOMM\Bluetooth Software\bin\TEMP\P9d2.tmp
- %PROGRAM_FILES%\WIDCOMM\Bluetooth Software\bin\TEMP\P9d1.tmp
- %PROGRAM_FILES%\WIDCOMM\Bluetooth Software\btss.exe
- %PROGRAM_FILES%\WIDCOMM\Bluetooth Software\bin\TEMP\P9d2.tmp в %PROGRAM_FILES%\WIDCOMM\Bluetooth Software\btss.exe
- %PROGRAM_FILES%\WIDCOMM\Bluetooth Software\bin\TEMP\P9d1.tmp в %PROGRAM_FILES%\WIDCOMM\Bluetooth Software\bin\bss.dll
- '11#.#07.112.169':80
- 11#.#07.112.169/basic/btss/btss.exe
- 11#.#07.112.169/basic/btss/bss.dll
- ClassName: 'MS_WINHELP' WindowName: ''
- ClassName: 'Indicator' WindowName: ''