Техническая информация
- '%TEMP%\UhdPcX.exe' IPvuOU
- '%TEMP%\svchost.exe'
- '%TEMP%\RarSFX0\Pony.exe'
- '%TEMP%\RarSFX0\ic.exe'
- '<SYSTEM32>\conhost.exe' /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
- %TEMP%\vwOaAR.txt
- %TEMP%\aut33B.tmp
- %TEMP%\aut3C9.tmp
- %TEMP%\svchost.exe
- %TEMP%\IPvuOU
- %TEMP%\RarSFX0\Pony.exe
- %TEMP%\RarSFX0\ic.exe
- %TEMP%\RarSFX0\startic.bat
- %TEMP%\UhdPcX.exe
- %TEMP%\aut1A5.tmp
- %TEMP%\IPvuOU
- %TEMP%\vwOaAR.txt
- %TEMP%\aut3C9.tmp
- %TEMP%\aut1A5.tmp
- %TEMP%\aut33B.tmp
- %TEMP%\UhdPcX.exe в %TEMP%\UhdPcX.exe
- DNS ASK ee#.##beapity.org
- DNS ASK dn#.##ftncsi.com
- DNS ASK cu###pity.org
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''