Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\13402435] 'ImagePath' = 'system32\drivers\16055893.sys'
- '%TEMP%\RarSFX0\tdsskiller.exe'
- C:\TDSSKiller.2.8.18.0_27.06.2013_18.14.02_log.txt
- <DRIVERS>\16055893.sys
- %TEMP%\RarSFX0\ReadMe.url
- %TEMP%\RarSFX0\tdsskiller.exe
- 'su#####.kaspersky.com':80
- su#####.kaspersky.com/viruses/tdsskiller.xml
- DNS ASK su#####.kaspersky.com
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'