Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'VFXGNxv++pP' = '<LS_APPDATA>\Microsoft\Windows\uxswkdt.exe'
- '<SYSTEM32>\svchost.exe'
- '%WINDIR%\explorer.exe'
- '<SYSTEM32>\attrib.exe'
- <SYSTEM32>\svchost.exe
- %WINDIR%\explorer.exe
- %TEMP%\nsq3.tmp\System.dll
- %APPDATA%\Crypto.dll
- %APPDATA%\Bogey.z
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\QWRsN2srdjlxUUdDYVp0aTBMUzl2Kyt1RlRLaWM2MEtBMWwyMmFndWRhYWlnWWhEcmRucHdRMVdZRXg4blhpMEI4Z0cwNDhGMFBBdVdCVFMrWXFSYmMzK0FYT...
- %TEMP%\ssmktxbso.tmp
- <LS_APPDATA>\Microsoft\Windows\uxswkdt.exe
- %APPDATA%\reconnect.png
- %APPDATA%\sort_down_light.png
- %APPDATA%\OdorBackgammon.A
- %APPDATA%\AUTHORS
- %APPDATA%\MiniHelp.de.fb2
- %APPDATA%\server.png
- %TEMP%\ssmktxbso.tmp
- '15#.80.8.1':80
- http://15#.80.8.1/QWRsN2srdjlxUUdDYVp0aTBMUzl2Kyt1RlRLaWM2MEtBMWwyMmFndWRhYWlnWWhEcmRucHdRMVdZRXg4blhpMEI4Z0cwNDhGMFBBdVdCVFMrWXFSYmMzK0FYTnVoeVZESWcrY0l3RUE2d2VoM0xqSFBB
- http://15#.80.8.1/
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'shell_traywnd' WindowName: ''