Техническая информация
- %HOMEPATH%\Start Menu\Programs\Startup\userinit.exe
- %TEMP%\_un1.tmp
- <LS_APPDATA>\Windows\logs\SysInfo.txt
- <LS_APPDATA>\Windows\logs\00006QBy.09.lnk
- <LS_APPDATA>\Windows\userinit.dll
- %ALLUSERSPROFILE%\Application Data\desktop.BIN
- <LS_APPDATA>\Windows\userinit.exe
- <LS_APPDATA>\Windows\logs\SysInfo.txt
- %TEMP%\_un1.tmp
- 'ne##.##ve-facebook.com':80
- ne##.##ve-facebook.com/windowsupdatev7/search%3Fhl%3DVQBTAEUAUgAtADQAQgBCADAAOQBBADkAQwAwADIA%26q%3DMQA5ADIALgAxADYAOAAuADEAOQAzAC4AMQA0ADAA%26meta%3DLi4%3D%26id%3Dxfircvscxggbwkf
- ne##.##ve-facebook.com/windowsupdatev7/search%3Fhl%3DVQBTAEUAUgAtADQAQgBCADAAOQBBADkAQwAwADIA%26q%3DMQA5ADIALgAxADYAOAAuADEAOQAzAC4AMQA0ADAA%26meta%3DLg%3D%3D%26id%3Dphqghumeaylnlfd
- ne##.##ve-facebook.com/windowsupdatev7/search%3Fhl%3DVQBTAEUAUgAtADQAQgBCADAAOQBBADkAQwAwADIA%26q%3DMQA5ADIALgAxADYAOAAuADEAOQAzAC4AMQA0ADAA%26meta%3DMDAwMDZRQnkuMDk%3D%26id%3Dcjlutdvnuzzdapm
- DNS ASK ne##.##ve-facebook.com