Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Qxkspq Jywtfhfn Lck] 'Start' = '00000002'
- <SYSTEM32>\svchost.exe -k imgsvc
- <SYSTEM32>\svchost.exe -k netsvcs
- C:\NT_Path.old
- %WINDIR%\temp2052900.dll
- %PROGRAM_FILES%\Xprsaxigb.jpg
- C:\Net-Temp.ini
- %TEMP%\patch.~wnp
- %TEMP%\iexpoler.exe
- %TEMP%\<Имя вируса>.exe
- %TEMP%\patch.wnp
- %TEMP%\svchsot.exe
- %PROGRAM_FILES%\Xprsaxigb.jpg
- %TEMP%\svchsot.exe
- %WINDIR%\temp2052900.dll
- C:\Net-Temp.ini
- C:\NT_Path.old
- 'hz####.meibu.com':8000
- DNS ASK hz####.meibu.com
- ClassName: 'Shell_TrayWnd' WindowName: ''