Техническая информация
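Автозапуск (параметр в ключе реестра Run; значение запускает control.exe с CPL-файлом из %PROGRAM_FILES%):
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'ovLICCb' = 'control.exe "%PROGRAM_FILES%\tKB0GiS\ovLICCb.cpl",0,1'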
Командные строки процессов:
- <SYSTEM32>\rundll32.exe Shell32.dll,Control_RunDLL "%PROGRAM_FILES%\tKB0GiS\ovLICCb.cpl",0,1
- <SYSTEM32>\control.exe "%PROGRAM_FILES%\tKB0GiS\ovLICCb.cpl",0,1
- <SYSTEM32>\rundll32.exe Shell32.dll,Control_RunDLL ""%TEMP%\AQ6AyWs06Dc.dll"",0,-2
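Файлы и пути в файловой системе (операция над файлом — создание или удаление — на странице не указана; некоторые пути перечислены дважды):
- %TEMP%\sing-see-1.4.9.log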
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\version[1].php
- %PROGRAM_FILES%\tKB0GiS\ovLICCb.cpl
- %TEMP%\AQ6AyWs06Dc.dll
- %TEMP%\is-2NQK5.tmp\_isetup\_shfoldr.dll
- %TEMP%\nsq2.tmp\inetc.dll
- %TEMP%\sing-see-1.4.9.exe
- %TEMP%\is-2NQK5.tmp\_isetup\_RegDLL.tmp
- %TEMP%\is-U2RQA.tmp\sing-see-1.4.9.tmp
- %TEMP%\nsq2.tmp\inetc.dll
- %TEMP%\AQ6AyWs06Dc.dll
Сетевая активность (имя домена частично скрыто символами #):
- 'fr####ersion.biz':80
- fr####ersion.biz/version.php?ve########################
- DNS ASK fr####ersion.biz
- '<IP-адрес в локальной сети>':1034
Классы окон:
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''