Техническая информация
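Записи автозапуска в реестре:
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'JAVA' = '%WINDIR%:svchosts.exe'
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{E13D16CC-045B-5570-593D-2FF854FA8FAE}] 'StubPath' = '%WINDIR%:svchosts.exe'
Примечание: в значении после %WINDIR% стоит двоеточие, а не обратная косая черта, то есть запускается не файл внутри каталога Windows, а альтернативный поток данных NTFS с именем svchosts.exe, прикреплённый к самому каталогу. Параметр StubPath компонента Active Setup выполняется при входе пользователя в систему, поэтому при очистке нужно удалять обе записи; имя параметра 'JAVA' и имя svchosts.exe (похоже на svchost.exe) рассчитаны на то, чтобы выглядеть легитимно.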
- %WINDIR%\Explorer.EXE
- msnmsgr.exe
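- %ALLUSERSPROFILE%\Application Data\DYA_JKRGFEPSJGKFOKOOP\1.0.0:$SS_DESCRIPTOR_SBXNV9VVGV1BFP64KF2HJG89WJN8YRF9XJ26YRPFSPF7VB4VPJGV
- %ALLUSERSPROFILE%\Desktop:$SS_DESCRIPTOR_SBXNV9VVGV1BFP64KF2HJG89WJN8YRF9XJ26YRPFSPF7VB4VPJGV
- %WINDIR%:svchosts.exe
Примечание: все три записи — альтернативные потоки данных NTFS (часть после двоеточия — имя потока), прикреплённые к каталогам, а не обычные файлы. Проводник и команда dir без ключей их не показывают; для проверки используйте dir /r, Get-Item <путь> -Stream * в PowerShell или утилиту streams из набора Sysinternals.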
- %ALLUSERSPROFILE%\Application Data\DYA_JKRGFEPSJGKFOKOOP\1.0.0\Data\app.dat
- %ALLUSERSPROFILE%\Application Data\DYA_JKRGFEPSJGKFOKOOP\1.0.0\Data\updates.dat
- %APPDATA%\DYA_JKRGFEPSJGKFOKOOP\1.0.0\Data\dya.dat
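- 'ma####.selfip.com':3460
- DNS ASK ma####.selfip.com
Примечание: символы #### — это маскировка части имени узла в самом описании, полное имя по этой странице восстановить нельзя. Для поиска в журналах DNS, прокси и межсетевого экрана пригодны шаблон ma*.selfip.com и исходящие соединения на порт 3460; selfip.com — домен сервиса динамического DNS, поэтому IP-адрес за этим именем может меняться и как самостоятельный индикатор ненадёжен.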