Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'VFXGNxv++pP' = '<LS_APPDATA>\Microsoft\Windows\fgsbcwc.exe'
- '<SYSTEM32>\svchost.exe'
- '%ProgramFiles%\Internet Explorer\IEXPLORE.EXE'
- '<SYSTEM32>\attrib.exe'
- '%WINDIR%\explorer.exe'
- <SYSTEM32>\svchost.exe
- IEXPLORE.EXE
- %WINDIR%\explorer.exe
- <LS_APPDATA>\Microsoft\Windows\fgsbcwc.exe
- %TEMP%\xqdfktxaa.tmp
- %TEMP%\~DF8C99.tmp
- %TEMP%\~DF8D03.tmp
- <Полный путь к файлу>
- %TEMP%\xqdfktxaa.tmp
- '86.##6.131.82':80
- http://86.##6.131.82/QWRsN2srdjlxUUdDYVp0aTBMUzl2Kyt1RlRxanpLWkNDVi9SOFZmQ3daRGg3bnJYOFBTYnpkRFphNWFDS2h4YlZ0bXZxQVVhNi91K29UeHExU3ZoOUViejRhbER0QXFmZThHRFVubys1MU1Oem03ODh1bFR1d0Y=
- http://86.##6.131.82/
- ClassName: 'Edit' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'TopList' WindowName: ''