Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Taskman' = '%APPDATA%\vfbu.exe'
- %WINDIR%\Explorer.EXE
- iexplore.exe
- ClassName: 'PROCMON_WINDOW_CLASS' WindowName: '(null)'
- ClassName: 'RegMonClass' WindowName: '(null)'
- ClassName: 'FileMonClass' WindowName: '(null)'
- %APPDATA%\vfbu.exe
- %TEMP%\2B34E233.TMP
- %APPDATA%\vfbu.exe
- DNS ASK .#�
- DNS ASK wi####ureserv.com
- DNS ASK up####windows.net
- DNS ASK li####dates2000.com
- DNS ASK ##�
- ClassName: 'Progman' WindowName: '(null)'