Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Kris' = '%WINDIR%\temp\svhost.exe'
- %WINDIR%\Temp\svhost.exe
- %WINDIR%\Temp\3G°жQQЕ©іЎТ»јьЦъКЦ1.1ХэКЅ°ж.exe
- %WINDIR%\Temp\SkinH_EL.dll
- %WINDIR%\Temp\Vision.skin
- <DRIVERS>\kiss.she
- %WINDIR%\Temp\3G°жQQЕ©іЎТ»јьЦъКЦ1.1ХэКЅ°ж.exe
- %WINDIR%\Temp\svhost.exe
- %WINDIR%\Temp\Vision.skin
- 'wo####np.3322.org':2012
- DNS ASK wo####np.3322.org
- ClassName: 'Shell_TrayWnd' WindowName: ''