Техническая информация
- '<Текущая директория>\UpDate KeyAntivirus.exe'
- '<Текущая директория>\UpDate KeyAntivirus.exe' (загружен из сети Интернет)
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- <Текущая директория>\UpDate KeyAntivirus.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\up[1].exee
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\pro[1].ver
- <SYSTEM32>\PerfStringBackup.TMP
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\up[1].exee
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\pro[1].ver
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\up[1].exee
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\pro[1].ver
- 'ne###fo.bl.ee':80
- ne###fo.bl.ee/up_for_KA/info.new
- ne###fo.bl.ee/up.exee
- ne###fo.bl.ee/pro.ver
- ne###fo.bl.ee/nod32.logkey
- DNS ASK ne###fo.bl.ee
- ClassName: 'Shell_TrayWnd' WindowName: ''