Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'daumAgnt' = '<SYSTEM32>\msflash.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Adobe Flash' = '<SYSTEM32>\msflash.exe'
- '%TEMP%\{9AB71F60-3A73-447A-80A0-659C5F2C45B1}\PPTVIEW.EXE' /S "%TEMP%\{9AB71F60-3A73-447A-80A0-659C5F2C45B1}\bitcoin°ъ-№О»з№эАЗ-Б¦-№®Б¦1.ppt"
- '%TEMP%\<Имя вируса>.exe'
- '<SYSTEM32>\msflash.exe'
- %TEMP%\{9AB71F60-3A73-447A-80A0-659C5F2C45B1}\OGL.DLL
- %TEMP%\{9AB71F60-3A73-447A-80A0-659C5F2C45B1}\MSVCR80.dll
- %TEMP%\{9AB71F60-3A73-447A-80A0-659C5F2C45B1}\msvcp80.dll
- %TEMP%\{9AB71F60-3A73-447A-80A0-659C5F2C45B1}\SAEXT.DLL
- %TEMP%\{9AB71F60-3A73-447A-80A0-659C5F2C45B1}\PPVWINTL.DLL
- %TEMP%\{9AB71F60-3A73-447A-80A0-659C5F2C45B1}\PPTVIEW.EXE
- %TEMP%\{9AB71F60-3A73-447A-80A0-659C5F2C45B1}\bitcoin°ъ-№О»з№эАЗ-Б¦-№®Б¦1.ppt
- %TEMP%\<Имя вируса>.exe
- <SYSTEM32>\msflash.exe
- %TEMP%\{9AB71F60-3A73-447A-80A0-659C5F2C45B1}\msvcm80.dll
- %TEMP%\{9AB71F60-3A73-447A-80A0-659C5F2C45B1}\microsoft.vc80.crt.manifest
- %TEMP%\{9AB71F60-3A73-447A-80A0-659C5F2C45B1}\INTLDATE.DLL
- 'www.sm###nace.com':80
- DNS ASK www.sm###nace.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''