Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Ps' = '%TEMP%\debug.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] 'Ps' = '%TEMP%\debug.exe'
- %TEMP%\debug.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\3000374236413242374337333644373633330043524E4A45554655000000000000000555524E58594D4156000000000000000000000000[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\3000374236413242374337333644373633330043524E4A45554655000000000000000555524E58594D4156000000000000000000000000Ђ_B%Ђ_X[1]
- %TEMP%\Ps.dll
- %TEMP%\Shinmongol_schedule_xelaxelaxelaxelaxelaxelaxelaxelaxelaxelaxelaxelaxelaxelaxela
- %TEMP%\debug.exe
- 'ma##.#olnews.net':80
- ma##.#olnews.net/3000374236413242374337333644373633330043524E4A45554655000000000000000555524E58594D4156000000000000000000000000?|B####
- ma##.#olnews.net/3000374236413242374337333644373633330043524E4A45554655000000000000000555524E58594D4156000000000000000000000000
- DNS ASK ma##.#olnews.net
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: '' WindowName: ''