Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Yhhmgq Refbmoip Cim] 'Start' = '00000002'
- 'C:\server.exe'
- 'C:\Cqvmerjfb_NET.exe'
- 'C:\DNFµЪИэјѕ°ЪМЇІ»µфПЯ.exe'
- '<SYSTEM32>\svchost.exe' -k imgsvc
- '<SYSTEM32>\svchost.exe' -k netsvcs
- C:\Net-Temp.ini
- C:\server.exe
- %WINDIR%\Temp\201262034324.exe
- %PROGRAM_FILES%\Qoui\Nwmrtljiv.pic
- C:\Cqvmerjfb_NET.exe
- C:\DNFµЪИэјѕ°ЪМЇІ»µфПЯ.exe
- C:\NT_patH.bmp
- C:\1409900.dll
- C:\server.exe
- %PROGRAM_FILES%\Qoui\Nwmrtljiv.pic
- C:\DNFµЪИэјѕ°ЪМЇІ»µфПЯ.exe
- C:\Cqvmerjfb_NET.exe
- C:\Cqvmerjfb_NET.exe
- C:\1409900.dll
- C:\Net-Temp.ini
- C:\NT_patH.bmp
- 'tt###.oicp.net':8020
- DNS ASK tt###.oicp.net