Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\MediaServices] 'Start' = '00000002'
- %TEMP%\Dow.exe
- %TEMP%\Dod.exe
- <SYSTEM32>\cmd.exe /c ""<SYSTEM32>\hfblddel.bat" "
- <SYSTEM32>\svchost.exe -k krnlsrvc
- <SYSTEM32>\hfblddel.bat
- %TEMP%\197984_res.tmp
- %TEMP%\197406_res.tmp
- %TEMP%\Dod.exe
- %TEMP%\Dow.exe
- <SYSTEM32>\RkmhteC.dll
- <SYSTEM32>\RumptiC.dll
- %TEMP%\Dow.exe
- %TEMP%\Dod.exe
- %TEMP%\197984_res.tmp в <SYSTEM32>\RkmhteC.dll
- %TEMP%\197406_res.tmp в <SYSTEM32>\RumptiC.dll
- 'lg##.2288.org':1800
- DNS ASK lg##.2288.org