Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'shell' = 'explorer.exe,%APPDATA%\skype.dat'
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\svchost.exe
- %APPDATA%\skype.ini
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\pzturnndgk-jkppphwihccbdfpmuqbcht-xcte-owdnbi-eyrq-wpdm-jprq-ptbq-dwxfyelggk-oxjpcurtiixt-lagl[1].php
- %APPDATA%\skype.dat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\ltblcrkg-oxpydrrcea_vppf-vlno-orjk-fvqrprmyftpljl-glwbnosytmoeoe-rqdd-nswk-xcxcjzvqkg-rtdglztw[1].php
- 'gh##c.su':80
- 'fa##m.com':80
- gh##c.su/pzturnndgk-jkppphwihccbdfpmuqbcht-xcte-owdnbi-eyrq-wpdm-jprq-ptbq-dwxfyelggk-oxjpcurtiixt-lagl.php
- fa##m.com/ltblcrkg-oxpydrrcea_vppf-vlno-orjk-fvqrprmyftpljl-glwbnosytmoeoe-rqdd-nswk-xcxcjzvqkg-rtdglztw.php
- DNS ASK gh##c.su
- DNS ASK fa##m.com