Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System32' = 'C:\sms.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System32' = 'C:\svlhost.exe'
- 'C:\svlhost.exe'
- 'C:\sms.exe'
- '%TEMP%\Form1.exe'
- '%TEMP%\Laucnerrxd.exe'
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\Ayar[1].txt
- %TEMP%\aut5.tmp
- %TEMP%\aygbwqz
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\Ayar1[1].txt
- %TEMP%\aut6.tmp
- %TEMP%\ueyxhnx
- %TEMP%\zljrndw
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\Ayar[1].txt
- %TEMP%\aut4.tmp
- %TEMP%\aut1.tmp
- C:\svlhost.exe
- %TEMP%\Form1.exe
- %TEMP%\Laucnerrxd.exe
- %TEMP%\aut3.tmp
- %TEMP%\avzzrrn
- %TEMP%\aut2.tmp
- C:\sms.exe
- %TEMP%\aut5.tmp
- %TEMP%\aygbwqz
- %TEMP%\zljrndw
- %TEMP%\ueyxhnx
- %TEMP%\aut6.tmp
- %TEMP%\aut2.tmp
- %TEMP%\aut1.tmp
- %TEMP%\aut3.tmp
- %TEMP%\aut4.tmp
- %TEMP%\avzzrrn
- 'bi###ufilm.net':80
- http://bi###ufilm.net/Ayar.txt
- http://bi###ufilm.net/Ayar1.txt
- DNS ASK bi###ufilm.net
- ClassName: 'Shell_TrayWnd' WindowName: ''