Техническая информация
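- [<HKLM>\SOFTWARE\Classes\HTTP\shell\open\command] '' = '"%TEMP%\GoogleChrome portatil.exe" -- "%1"' (изменено значение по умолчанию этого ключа, то есть команда открытия ссылок http://: в системах, где обработчик берётся из этого ключа, при открытии такой ссылки запускается исполняемый файл из %TEMP%)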
- '%TEMP%\portatil.exe'
- '%TEMP%\portatil.exe' (загружен из сети Интернет)
- '<SYSTEM32>\taskkill.exe' /F /IM firefox.exe /T (принудительное завершение процесса firefox.exe вместе с его дочерними процессами)
- firefox.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\fish[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\holy[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\sfx[1].exe
- %TEMP%\portatil.exe
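- 'www.po#######etivosx.net2.com.br':80 (символы «#» здесь и ниже, по-видимому, скрывают часть адреса в отчёте; для точного сопоставления в журналах такие значения неполны)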
- '19#.#93.112.253':80
- www.po#######etivosx.net2.com.br/home/holy.txt
- www.po#######etivosx.net2.com.br/home/fish.txt
- 19#.#93.112.253/sfx.exe
- DNS ASK www.po#######etivosx.net2.com.br
- ClassName: '(null)' WindowName: '(null)'