Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'vufmjwjwjylqhcpap' = '<SYSTEM32>\srv935.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\uvgpybyoxlSv] 'Start' = '00000002'
- <SYSTEM32>\svchost.exe -k DcomSec
- %TEMP%\lse2.tmp
- <SYSTEM32>\svcuvgpyby.dll
- C:\logbot.txt
- %TEMP%\lis1.tmp
- <SYSTEM32>\srv935.exe