Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Inoyikotadoqev' = 'rundll32.exe "%WINDIR%\wiplce.dll",Startup'
- '%TEMP%\dc2df0c1.exe'
- '%TEMP%\044ba1ce.exe'
- '%TEMP%\9bb03982.exe'
- '<SYSTEM32>\rundll32.exe' "%WINDIR%\wiplce.dll",iep
- '<SYSTEM32>\rundll32.exe' "%WINDIR%\wiplce.dll",Startup
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\CAIJ2ZM5.php
- %WINDIR%\urefobaw.dll
- %WINDIR%\wiplce.dll
- %TEMP%\9bb03982.exe
- %TEMP%\044ba1ce.exe
- %TEMP%\dc2df0c1.exe
- '00#####d0622.quaveo.net':80
- 'localhost':1035
- DNS ASK 00#####d0622.quaveo.net
- ClassName: 'Indicator' WindowName: '(null)'