Техническая информация
- "%TEMP%\CEJYEJ_.exe" (загружен из сети Интернет)
- <SYSTEM32>\ntvdm.exe -f -i1
- %WINDIR%\Temp\scs1.tmp
- %TEMP%\YNHZJA_DrK_Pub_Release.dll
- %WINDIR%\Temp\scs2.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\SysUpdate[1].exe
- %TEMP%\CEJYEJ_
- %TEMP%\QLUUBH_DrK_Pub_Release.exe
- %WINDIR%\Temp\scs2.tmp
- %WINDIR%\Temp\scs1.tmp
- 'cr###.fileave.com':80
- cr###.fileave.com/SysUpdate.exe
- DNS ASK cr###.fileave.com
- ClassName: 'ConsoleWindowClass' WindowName: 'ntvdm-afc.b04.3a0001'