Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Control\Print\Providers\2922491776] 'Name' = '%TEMP%\2.tmp'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Inoyikotadoqev' = 'rundll32.exe "%WINDIR%\dmctubd.dll",Startup'
- %TEMP%\1e62f67c.exe
- %TEMP%\f777fadf.exe
- %TEMP%\f5245936.exe
- <SYSTEM32>\rundll32.exe "%WINDIR%\dmctubd.dll",iep
- <SYSTEM32>\rundll32.exe "%WINDIR%\dmctubd.dll",Startup
- <SYSTEM32>\spoolsv.exe
- %TEMP%\1.tmp
- %WINDIR%\ivoqoqiwogijanil.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\CA3M8N7T.php
- %TEMP%\f777fadf.exe
- %TEMP%\f5245936.exe
- %WINDIR%\dmctubd.dll
- %TEMP%\1e62f67c.exe
- '01######020d.linkbuzz.net':80
- 'localhost':1036
- DNS ASK 01######020d.linkbuzz.net
- '<IP-адрес в локальной сети>':1037
- ClassName: 'Indicator' WindowName: ''