Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'shell' = 'explorer.exe,%APPDATA%\skype.dat'
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\svchost.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\moyxlz-hacz-nlig_fitg_efrpxa-qqtaordauzmzbfuhpvkiyadtihitya-gnwk-oxcm-zfdyczqfitfnbx-lyyh-oqjb_[1].html
- %APPDATA%\skype.ini
- %APPDATA%\skype.dat
- 'pr#######reativeservices.com':80
- pr#######reativeservices.com/news/moyxlz-hacz-nlig_fitg_efrpxa-qqtaordauzmzbfuhpvkiyadtihitya-gnwk-oxcm-zfdyczqfitfnbx-lyyh-oqjb_.html
- DNS ASK pr#######reativeservices.com