Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'proxy' = '%APPDATA%\Proxy.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Internet Settings] 'ProxyOverride' = '??l'
- %APPDATA%\Proxy.exe
- %TEMP%\nsi2.tmp\sob.dll
- %TEMP%\sob.f
- %APPDATA%\Proxy.exe
- %TEMP%\nsi2.tmp\sob.dll
- '20#.#2.194.254':80
- 20#.#2.194.254/~contacom/?us###############
- ClassName: 'Indicator' WindowName: ''