Technical Information
- [<HKLM>\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe] 'Debugger' = '%ProgramFiles(x86)%\AV8\av8.exe -d'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'AV8' = '%ProgramFiles(x86)%\AV8\av8.exe'
- %HOMEPATH%\desktop\antivirus8.lnk
- %ALLUSERSPROFILE%\microsoft\windows\start menu\av8\antivirus8.lnk
- %ALLUSERSPROFILE%\microsoft\windows\start menu\av8\uninstall.lnk
- 'ya##o.com':80
- 'ya##o.com':443
- 'microsoft.com':80
- http://ya##o.com/
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- DNS ASK ya##o.com
- DNS ASK tr####ormers7.com
- DNS ASK microsoft.com