Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Winfile.exe' = 'C:\ProgramData\Winfile.exe'
- '<SYSTEM32>\rundll32.exe' Shell32.DLL, Control_RunDLL C:\ProgramData\Update2014.cpl
- C:\ProgramData\Winfile.exe
- C:\ProgramData\Update2014.cpl
- C:\ProgramData\IMG.jpg
- %TEMP%\aut1.tmp
- %TEMP%\res.ico
- %TEMP%\res.ico2
- C:\ProgramData\IMG.jpg
- C:\ProgramData\Update2014.cpl
- C:\ProgramData\Winfile.exe
- %TEMP%\aut1.tmp
- 'bi##y.com':80
- '46.##5.16.53':80
- bi##y.com/1bRPamp
- 46.##5.16.53/CPL_aiashdasuhiuasHIUDHAIUaushdiaIDhAUIDHasUdhasdiasuhd.2
- 46.##5.16.53/KL_iahdsahuisahiudsahdusahuidsahidusahuidsh12736378agGHDJAS.1
- DNS ASK bi##y.com
- ClassName: 'Indicator' WindowName: ''