Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\dfge] 'ImagePath' = '%PROGRAM_FILES%\msdn\VectorMonitor.pas'
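- [<HKLM>\SYSTEM\ControlSet001\Services\dfge] 'Start' = '00000001' (значение 1 — SERVICE_SYSTEM_START, то есть загрузка на этапе инициализации системы; такой тип запуска обычно применяется для драйверов, а ImagePath этой службы указывает на файл с нетипичным для исполняемого модуля расширением .pas)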
- <SYSTEM32>\baqlp.exe
- <SYSTEM32>\teaeo.exe
- <SYSTEM32>\rundll32.exe "%TEMP%\Hyt1354.tmp,Main"
- %PROGRAM_FILES%\AAV\CDriver.sys
- %TEMP%\tem1354.tmp
- %PROGRAM_FILES%\msdn\VectorMonitor.pas
- <SYSTEM32>\baqlp.exe
- %TEMP%\tmm167.tmp
- %TEMP%\Hyt1354.tmp
- <SYSTEM32>\teaeo.exe
- %TEMP%\tmm167.tmp
- %PROGRAM_FILES%\msdn\VectorMonitor.pas
- <SYSTEM32>\teaeo.exe
- 'e0#.#mff8.com':8080
- DNS ASK e0#.#mff8.com