Техническая информация
- <SYSTEM32>\tasks\loadsound
- %TEMP%\fxsound_13.019_setup.exe
- %TEMP%\nsk24e0.tmp\nsisdl.dll
- %TEMP%\nsk24e0.tmp\modern-wizard.bmp
- %TEMP%\nsk24e0.tmp\iospecial.ini
- %TEMP%\nsk24e0.tmp\dfx_spotify.exe
- %TEMP%\nsk24e0.tmp\registrycleanusers.exe
- %TEMP%\nsk24e0.tmp\userinfo.dll
- %TEMP%\nsk24e0.tmp\system.dll
- %TEMP%\nsk24e0.tmp\send_log_page_io.ini
- %TEMP%\nsk24e0.tmp\quick_or_custom_page_io.ini
- %TEMP%\nsk24e0.tmp\songmine_page_io.ini
- %TEMP%\nsk24e0.tmp\ask_email_page_io.ini
- %TEMP%\nsk24e0.tmp\nsprocess.dll
- %APPDATA%\dwm
- %APPDATA%\dwm.exe
- %APPDATA%\time.txt
- %TEMP%\nsz24a0.tmp
- %TEMP%\worm.exe
- %TEMP%\nsk24e0.tmp\buttonevent.dll
- %TEMP%\nsk24e0.tmp\installoptions.dll
- 'fx##und.com':80
- http://www.fx##und.com/cgi_php/preinstall.php?ve###############################################
- DNS ASK xk#####bx.selfip.net
- DNS ASK fx##und.com
- '%TEMP%\fxsound_13.019_setup.exe'
- '%TEMP%\worm.exe'
- '%WINDIR%\syswow64\schtasks.exe' /create /TN "LoadSound" /XML "%APPDATA%\dwm"