Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'MTrl' = '"%APPDATA%\Application\mtrl.exe"'
- %ALLUSERSPROFILE%\Application Data\ccmmE.exe %APPDATA%\Application\mtrl.exe 5.0.0.0 pop.mail.yahoo.com paradisejohn@rocketmail.com @onn2@onn2
- %APPDATA%\Application\mtrl.exe
- %ALLUSERSPROFILE%\Application Data\bpInfo.exe %APPDATA%\Adobe\Update
- <SYSTEM32>\taskkill.exe /F /IM "bpInfo.exe"
- %APPDATA%\Adobe\Update\CpR2f
- %ALLUSERSPROFILE%\Application Data\ccmmE.exe
- %TEMP%\af158676-3ce7-43b5-bfd8-67f09381a4a1.jpg
- %ALLUSERSPROFILE%\Application Data\bpInfo.exe
- %APPDATA%\Application\mtrl.exe
- %ALLUSERSPROFILE%\Application Data\bpInfo.exe
- 'sm##.##il.yahoo.com.br':25
- '74.##5.232.51':80
- DNS ASK sm##.##il.yahoo.com.br
- DNS ASK www.google.com
- ClassName: '' WindowName: ''
- ClassName: 'Indicator' WindowName: ''