Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] '157jv9e22n71a6' = '%HOMEPATH%\157jv9e22n71a6\72874.vbs'
- '%HOMEPATH%\157jv9e22n71a6\OIETieUGGFk.com' FofPABBysAaO.QYT
- '<SYSTEM32>\rundll32.exe' dfdts.dll,DfdGetDefaultPolicyAndSMART
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe'
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- %HOMEPATH%\157jv9e22n71a6\31092.cmd
- %APPDATA%\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\start.lnk
- %HOMEPATH%\157jv9e22n71a6\run.vbs
- %HOMEPATH%\157jv9e22n71a6\72874.vbs
- %HOMEPATH%\157jv9e22n71a6\OIETieUGGFk.com
- %HOMEPATH%\157jv9e22n71a6\ANNr.SOQ
- %HOMEPATH%\157jv9e22n71a6\SVoqFbom.LKU
- %HOMEPATH%\157jv9e22n71a6\FofPABBysAaO.QYT
- %HOMEPATH%\157jv9e22n71a6\SVoqFbom.LKU
- %HOMEPATH%\157jv9e22n71a6\72874.vbs
- %HOMEPATH%\157jv9e22n71a6\31092.cmd
- %HOMEPATH%\157jv9e22n71a6\ANNr.SOQ
- %HOMEPATH%\157jv9e22n71a6\OIETieUGGFk.com
- %HOMEPATH%\157jv9e22n71a6\FofPABBysAaO.QYT
- %APPDATA%\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\start.lnk
- 'li#####ssmail.3owl.com':80
- 'sm##.gmail.com':587
- DNS ASK li#####ssmail.3owl.com
- DNS ASK dn#.##ftncsi.com
- DNS ASK sm##.gmail.com
- ClassName: 'EDIT' WindowName: '(null)'