Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{f92B23AB-jBzE-XxxT-klwn-0000F87A469H}] 'StubPath' = '%APPDATA%\Xel6yo\bvdNuB.exe'
- '<SYSTEM32>\wscript.exe' "<Текущая директория>\tem.vbs"
- '<SYSTEM32>\svchost.exe'
- '%APPDATA%\Xel6yo\bvdNuB.exe' -install
- '%APPDATA%\Xel6yo\bvdNuB.exe'
- <SYSTEM32>\svchost.exe
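- ClassName: 'TXGuiFoundation', WindowName: 'µзДФ№ЬјТ - ІЎ¶ѕІйЙ±' (байты GBK, показанные в кодировке Windows-1251; декодируется как '电脑管家 - 病毒查杀', то есть окно проверки на вирусы Tencent PC Manager)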
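- ClassName: 'TXGuiFoundation', WindowName: '???????? - ????????' (символы заголовка потеряны при перекодировке; вероятно, это тот же заголовок окна, что и в предыдущей строке)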
- %WINDIR%\Fonts\RQID.ttf
- %WINDIR%\Fonts\RunQiu.ttf
- %WINDIR%\Fonts\check_main.ttf
- %WINDIR%\Fonts\main_id.ttf
- %WINDIR%\Fonts\HanQiuSheng.ttf
- %APPDATA%\Xel6yo\LiveUDHelper.dll
- %APPDATA%\Xel6yo\bvdNuB.exe
- <Текущая директория>\tem.vbs
- %TEMP%\useless.tmp
- 'j.##dz.win':8080
- 'localhost':1036
- DNS ASK j.##dz.win
- ClassName: '360ClassUploadFileNotify' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''