Техническая информация
- %WINDIR%\explorer.exe
- <SYSTEM32>\rundll32.exe "%TEMP%\GkqWrcYC.dll," AgereEventlog BluetoothGLcdrom
- <SYSTEM32>\rundll32.exe "%TEMP%\RYTfM7xz.dll,DllUnregisterServer" install
- %TEMP%\9jLCXNtg
- %TEMP%\GkqWrcYC.dll
- %TEMP%\nsp2.tmp\SelfDel.dll
- %TEMP%\RYTfM7xz.dll
- %TEMP%\nsp2.tmp\GetVersion.dll
- %TEMP%\nsp2.tmp\System.dll
- %TEMP%\nsp2.tmp\inetc.dll
- %TEMP%\nsp2.tmp\SelfDel.dll
- %TEMP%\nsp2.tmp\System.dll
- %TEMP%\nsp2.tmp\GetVersion.dll
- %TEMP%\nsp2.tmp\inetc.dll
- 'sc####.ovtonde.co.cc':80
- sc####.ovtonde.co.cc/fgcZDjTdF7cR1qO2dHgsnJtgptwraGNmCSZdCqJuU9TjLP7k+pnmmsDm
- sc####.ovtonde.co.cc/hBb7zPfxHk9CqCPj1Tdc43QB+dSogQuIJrCPlHhut3XdyX19rjQ/5SmOdka9fNMpRu5EGs734uwM3Ct+HNlY4wVrz5qqb723sp9HZK7XIiU=
- sc####.ovtonde.co.cc/GxW7pzQ8awrvStjlVPWeAD3klicsDB2WwQeXvrVcHud2hOvhJN1hnKSIOHjRpaTyC9LfVTcFpPAHdoA1
- DNS ASK sc####.ovtonde.co.cc
- ClassName: '#32770' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''