Техническая информация
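- [<HKLM>\SYSTEM\ControlSet001\Services\GoogleChromeServcie] 'Start' = '00000002'
- [<HKLM>\SYSTEM\ControlSet001\Services\ufad-dns60] 'Start' = '00000002'
  (Значение 'Start' = 2 соответствует автоматическому запуску службы при загрузке системы, то есть обе записи служат для закрепления в системе. Имя «GoogleChromeServcie» приведено с опечаткой, как в источнике; при поиске по реестру его следует использовать именно в таком написании.)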
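- <SYSTEM32>\Google\GoogleUpdate.exe -install
  (Каталог <SYSTEM32>\Google нетипичен для настоящего Google Update, который обычно устанавливается в Program Files или в профиль пользователя; файл с таким именем по этому пути стоит проверять отдельно.)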
- C:\psgyQxQpsnuc.exe
- <SYSTEM32>\ntvdm.exe -f -i1
- <SYSTEM32>\svchost.exe -kufad-dns60
- %WINDIR%\Temp\scs2.tmp
- %WINDIR%\Temp\scs1.tmp
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\0J2LM5OP\Bak[1].Txt
- <SYSTEM32>\Google\job.xml
- <SYSTEM32>\Google\java.exe
- C:\wmtoSBxSBeik.dll
- C:\psgyQxQpsnuc.exe
- <SYSTEM32>\google_guid.dat
- <SYSTEM32>\Google\GoogleUpdate.exe
- <SYSTEM32>\google_guid.dat
- <SYSTEM32>\VlrqXNpYIJM.dll
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\0J2LM5OP\Bak[1].Txt
- %WINDIR%\Temp\scs2.tmp
- %WINDIR%\Temp\scs1.tmp
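- '27####87.vicp.cc':49908
- 'iw###.imbbs.in':8081
- '49###.vicp.cc':80
- 'ig#####google.imblog.in':10001
- 'ij####ava.imzone.in':80
- 'ig#####google.imblog.in':80
  (Символы «#» недопустимы в именах узлов; по всей видимости, ими замаскирована часть каждого адреса. В таком виде записи нельзя напрямую вносить в списки блокировки — для сопоставления с журналами DNS и прокси пригодны только видимые части имён и номера портов.)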
- 49###.vicp.cc/Bak.Txt
- ij####ava.imzone.in/job.xml
- ij####ava.imzone.in/java.exe
- DNS ASK iw###.imbbs.in
- DNS ASK 49###.vicp.cc
- DNS ASK 27####87.vicp.cc
- DNS ASK ig#####google.imblog.in
- DNS ASK ij####ava.imzone.in
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-b9c.ba0.3b0001'