Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '{9CC3A661-24C2-C82F-9F33-A764AA156BC9}' = '"%APPDATA%\Abyra\ixve.exe"'
- %APPDATA%\Abyra\ixve.exe
- <Служебный элемент>
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1609' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1406' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4] '1609' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4] '1406' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1] '1406' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0] '1609' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] '1609' = '00000000'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1] '1609' = '00000000'
- %APPDATA%\Obhucu\zisyg.kad
- %TEMP%\tmp1b586b32.bat
- %APPDATA%\Abyra\ixve.exe
- 'ho###slas.so':80
- ho###slas.so/forum/config.bin
- DNS ASK ho###slas.so
- ClassName: 'Indicator' WindowName: ''