Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Nationalfuy] 'Start' = '00000002'
- '%APPDATA%\zxcasd.exe'
- '<SYSTEM32>\oooyou.exe'
- '%APPDATA%\asdqwe.exe'
- 'C:\84015461.exe'
- 'C:\[1.5.2]ЖЫЖ®АЗ+ЕлЗХјіДЎ±в(v2.06).exe'
- %TEMP%\nsd3.tmp\NSISdl.dll
- %TEMP%\nsd3.tmp\Form.ini
- %TEMP%\nsd3.tmp\Main.ini
- %TEMP%\nsd3.tmp\update2.06.ini
- C:\PTLogo.bmp
- %TEMP%\nsd3.tmp\oncheck.ini
- <SYSTEM32>\oooyou.exe
- %APPDATA%\zxcasd.exe
- C:\[1.5.2]ЖЫЖ®АЗ+ЕлЗХјіДЎ±в(v2.06).exe
- C:\84015461.exe
- %TEMP%\nsd3.tmp\AdvSplash.dll
- %APPDATA%\asdqwe.exe
- %TEMP%\spltmp.bmp
- %TEMP%\spltmp.bmp
- 'cf#####2.uf.daum.net':80
- 'pe###.tistory.com':80
- 'dl#####ms678.codns.com':2012
- pe###.tistory.com/attachment/cfile4.uf@2247FA3F53C0759706E856.ini
- cf#####2.uf.daum.net/attach/2357694A5324284302D2A4
- pe###.tistory.com/attachment/cfile28.uf@2779EA345275D28638CC3D.ini
- DNS ASK cf#####2.uf.daum.net
- DNS ASK pe###.tistory.com
- DNS ASK dl#####ms678.codns.com
- ClassName: 'Shell_TrayWnd' WindowName: ''