Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'notepad-enUS-274725' = '%HOMEPATH%\Local Settings\History\0FEBFBFF000206C2xx\notepad-enUS-274725.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'firefox-modul-57508' = '%APPDATA%\0FEBFBFF000206C2xx\firefox-modul-57508.exe'
- %HOMEPATH%\Local Settings\History\0FEBFBFF000206C2xx\notepad-enUS-274725.exe
- %APPDATA%\0FEBFBFF000206C2xx\firefox-modul-57508.exe
- %HOMEPATH%\Local Settings\History\0FEBFBFF000206C2xx\notepad-enUS-274725.exe
- %APPDATA%\0FEBFBFF000206C2xx\firefox-modul-57508.exe
- 'at.#xnet.to':80
- 'wp#d':80
- wp#d/wpad.dat
- at.#xnet.to/kp/connect.php
- DNS ASK at.#xnet.to
- DNS ASK wp#d