Техническая информация
- [<HKLM>\System\CurrentControlSet\Services\—34Вµ.dat] 'ImagePath' = '%WINDIR%\—34µ.dat'
- [<HKLM>\System\CurrentControlSet\Services\ZXC713] 'ImagePath' = '<DRIVERS>\ZXC1214.sys'
- [<HKLM>\System\CurrentControlSet\Services\ZXC713] 'Start' = '00000000'
- '—34Вµ.dat' %WINDIR%\—34Вµ.dat
- 'ZXC713' <DRIVERS>\ZXC1214.sys
- %WINDIR%\—34Вµ.dat
- <DRIVERS>\zxc1214.sys
- %WINDIR%\temp\udd96b4.tmp
- %HOMEPATH%\desktop\ˆВЅВ¬™ƒГ¦Г¬Г¤ƒГґГ°ГҐГЇВў.ini
- %WINDIR%\temp\udd96b4.tmp
- 'ke###oot.com':80
- DNS ASK ke###oot.com
- ClassName: '' WindowName: 'Microsoft Internet Explorer'
- ClassName: 'Notepad' WindowName: 'ÎÞ±êÌâ - ¼Çʱ¾'
- '%WINDIR%\syswow64\notepad.exe' %HOMEPATH%\Desktop\ˆВЅВ¬™ƒГ¦Г¬Г„ƒГ”ГђГ…ГЏВў.ini
- '%WINDIR%\syswow64\notepad.exe'