Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'onk73lj5017ohlltp3pqot60' = '<SYSTEM32>\dstsbkrc.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'onk73lj5017ohlltp3pqot60' = '<SYSTEM32>\dstsbkrc.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] 'onk73lj5017ohlltp3pqot60' = '<SYSTEM32>\dstsbkrc.exe'
- '<SYSTEM32>\dstsbkrc.exe'
- 'C:\ЖДАПЗХДЎ±в.exe'
- 'C:\V3Lite.exe'
- '<SYSTEM32>\attrib.exe' "C:\V3Lite.exe" -h -r -s
- '<SYSTEM32>\cmd.exe' /c C:\9jbxw9yrctvdulu.bat
- <SYSTEM32>\dstsbkrc.exe
- <SYSTEM32>\MSWINSCK.ocx
- <SYSTEM32>\dstsbkrc.exe
- C:\9jbxw9yrctvdulu.bat
- C:\V3Lite.exe
- C:\ЖДАПЗХДЎ±в.exe
- %TEMP%\E_4\krnln.fnr
- <SYSTEM32>\dstsbkrc.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\MSWINSCK[1].OCX
- C:\V3Lite.exe
- %TEMP%\~DF28FE.tmp
- %TEMP%\~DF877A.tmp
- 'localhost':1040
- 'tk####h10.codns.com':5218
- 'localhost':1037
- 'pd###.egloos.com':80
- pd###.egloos.com/pds/201401/25/40/MSWINSCK.OCX
- DNS ASK tk####h10.codns.com
- DNS ASK pd###.egloos.com
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''