Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Nationalxch] 'Start' = '00000002'
- '<SYSTEM32>\uuwmuk.exe'
- 'C:\Server69_protected.exe'
- <SYSTEM32>\uuwmuk.exe
- C:\[Жщ(ЗС)Newјї] 1305.µьЗ®АМ єО·ґ 2.avi
- C:\Server69_protected.exe
- '20#.#6.232.182':80
- 'localhost':1042
- 'se#####004.codns.com':69
- 20#.#6.232.182/objects/ocget.dll
- DNS ASK ac#####.microsoft.com
- DNS ASK se#####004.codns.com
- ClassName: 'WMP9DeskBand' WindowName: 'WMP9DeskBand'
- ClassName: 'ReBarWindow32' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''