Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\ufad-dns60\Parameters] 'ServiceDll' = '<SYSTEM32>\XUTtDentBBvmTC.dll'
- [<HKLM>\SYSTEM\ControlSet001\Services\ufad-dns60] 'ImagePath' = '<SYSTEM32>\svchost.exe -k ufad-dns60'
- [<HKLM>\SYSTEM\ControlSet001\Services\ufad-dns60] 'Start' = '00000002'
- '<SYSTEM32>\svchost.exe' -k ufad-dns60
- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CJCTQ25G\Admin_Post[1].htm
- C:\EanEOUHwJHvyRq.dll
- <SYSTEM32>\XUTtDentBBvmTC.dll
- C:\EanEOUHwJHvyRq.dll в <SYSTEM32>\XUTtDentBBvmTC.dll
- 'www.xx#.com':80
- http://www.xx#.com/Admin_Post.Asp
- DNS ASK www.xx#.com