Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'Windows Event Logs Utility' = '%TEMP%\WEvtUtil.exe'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\RunOnce] 'Windows Event Logs Utility' = '%TEMP%\WEvtUtil.exe'
- '%TEMP%\WEvtUtil.exe'
- %TEMP%\WEvtUtil.exe
- 'www.uk#.edu':80
- '91.##0.107.109':80
- 'www.is###lhayom.com':80
- 'http://www.as#.com/':80
- http://www.uk#.edu/
- http://http://www.as#.com//
- http://www.is###lhayom.com/
- DNS ASK www.uk#.edu
- DNS ASK http://www.as#.com/
- DNS ASK www.is###lhayom.com
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''