Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'ScreenPlug' = '%APPDATA%\Flash Temp\igfxTray32.exe'
- Библиотека-обработчик для всех процессов: %APPDATA%\Flash Temp\KeyPress.dll
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] '1806' = '00000000'
- %APPDATA%\Flash Temp\KeyPress.dll
- %APPDATA%\Flash Temp\nthome.dat
- %APPDATA%\Flash Temp\igfxTray32.exe
- 'ro###vyx.biz':80
- ro###vyx.biz/binarie.yol
- ro###vyx.biz/aqwuytiu.php?ui#####################
- DNS ASK ro###vyx.biz
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''