Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Jjnephzvngg Zmdkekcm Cso Ynmol] 'Start' = '00000002'
- %PROGRAM_FILES%\Xixxui Bnniakpp\explorer.exe
- %WINDIR%\explorer.exe /idlist,:260:2840,%PROGRAM_FILES%
- %PROGRAM_FILES%\Kxvldxdbyh\5172
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\id[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\id[1].txt
- %PROGRAM_FILES%\Kxvldxdbyh\Path.rcd
- %PROGRAM_FILES%\Xixxui Bnniakpp\explorer.exe
- %PROGRAM_FILES%\Kxvldxdbyh\16245
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\id[1].txt
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\id[1].txt
- %PROGRAM_FILES%\Kxvldxdbyh\Path.rcd
- 'cp#.#8wg.com':80
- cp#.#8wg.com/id.txt
- DNS ASK cp#.#8wg.com
- ClassName: '' WindowName: '????'
- ClassName: 'PPLAbmWindow' WindowName: ''
- ClassName: '' WindowName: '??????????????????????'
- ClassName: 'MacromediaFlashPlayerActiveX' WindowName: ''
- ClassName: '???????? - ???????????????? - ????????????' WindowName: ''
- ClassName: 'FlashPlayer' WindowName: ''
- ClassName: '' WindowName: '??????????'
- ClassName: '' WindowName: '????????????'
- ClassName: 'CabinetWClass' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'PPTV????????' WindowName: ''
- ClassName: 'PPL Flash Window' WindowName: ''
- ClassName: '' WindowName: '????????'
- ClassName: 'PPS????????' WindowName: ''