Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] '3c5d96c190434746aacb1a39a8cfe66b' = ''
- '%APPDATA%\Roaming\svchost\svchost.exe'
- '%HOMEPATH%\vyyr7j6n5dx1a\dMwcZlZM.exe' Lofdk.LSA
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe'
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- %HOMEPATH%\vyyr7j6n5dx1a\alTv.SCQ
- %APPDATA%\Roaming\svchost\svchost.exe
- %HOMEPATH%\vyyr7j6n5dx1a\Lofdk.LSA
- %HOMEPATH%\vyyr7j6n5dx1a\DrNUnl.JXO
- %HOMEPATH%\vyyr7j6n5dx1a\dMwcZlZM.exe
- %HOMEPATH%\vyyr7j6n5dx1a\Lofdk.LSA
- %HOMEPATH%\vyyr7j6n5dx1a\alTv.SCQ
- %HOMEPATH%\vyyr7j6n5dx1a\DrNUnl.JXO
- %HOMEPATH%\vyyr7j6n5dx1a\dMwcZlZM.exe
- 'bo#.####ismyipaddress.com':80
- bo#.####ismyipaddress.com/
- DNS ASK bo#.####ismyipaddress.com
- ClassName: 'Indicator' WindowName: '(null)'
- ClassName: 'EDIT' WindowName: '(null)'