Technical information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'kejogad' = 'Rundll32.exe "<SYSTEM32>\fokitap.dll" s'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 'LoadAppInit_DLLs' = '00000001'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 'AppInit_DLLs' = '<SYSTEM32>\fokitap.dll'
- <SYSTEM32>\rundll32.exe "<SYSTEM32>\fokitap.dll" s
- <SYSTEM32>\fokitap.dll
- 'www.av####2011pro.com':80
- www.av####2011pro.com/cb/exe_in_db.php?ui#################################################
- DNS ASK www.av####2011pro.com