Техническая информация
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\vbc.exe' /stext "%TEMP%\tmp3.tmp"
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\vbc.exe' /stext "%TEMP%\tmp4.tmp"
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\vbc.exe' /stext "%TEMP%\tmp1.tmp"
- '%WINDIR%\Microsoft.NET\Framework\v2.0.50727\vbc.exe' /stext "%TEMP%\tmp2.tmp"
- %WINDIR%\Microsoft.NET\Framework\v2.0.50727\vbc.exe
- [<HKCU>\Software\Beyluxe Messenger]
- %TEMP%\a976070a-c3a4-4b80-41c0-ebd4b311da97
- 'se###pay.info':80
- 'bo#.#pcllt.com':80
- 'wp#d':80
- http://11#.#11.111.1/wpad.dat via wp#d
- http://se###pay.info/Products/iSpyKelogger/Server/
- http://bo#.#pcllt.com/WebPanel/api
- DNS ASK se###pay.info
- DNS ASK bo#.#pcllt.com
- DNS ASK wp#d