Техническая информация
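- Ключ автозапуска в реестре: [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'UpdSysDrvX32z32' = '"%APPDATA%\UpdSysDrv32Xz32\lokorahy.exe"' (параметр указывает на исполняемый файл в %APPDATA%, перечисленный ниже)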
- '<SYSTEM32>\svchost.exe'
- %TEMP%\~DFD503.tmp
- %APPDATA%\UpdSysDrv32Xz32\UpdSysDrz32.jpg
- %APPDATA%\UpdSysDrv32Xz32\lokorahy.exe
- %APPDATA%\UpdSysDrv32Xz32\UpdSysDrz32.jpg
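- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\cou[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\upd[1].php (оба файла лежат в кэше Internet Explorer; их имена совпадают с cou.php и upd.php из запросов к 37.#.200.44, перечисленных ниже; имя подкаталога кэша KHMHGZ4F на других системах, как правило, будет иным)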
- 'localhost':1038
- '37.#.200.44':80 (символ «#» стоит на месте октета, скрытого в публикации; полный адрес на странице не приведён)
- 37.#.200.44/09/c/files2/MZ?
- 37.#.200.44/09/c/cou.php
- 37.#.200.44/09/c/upd.php
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Unicode' WindowName: ''
- ClassName: 'MainForm' WindowName: ''