Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] 'Tblixin' = '{0998A211-D83B-4751-B3AC-E649B8B26281}'
- [<HKCU>\Software\Microsoft\Internet Account Manager]
- <SYSTEM32>\brokomod.dll
- <SYSTEM32>\decidman.dll
- <SYSTEM32>\secadusb.dll
- %TEMP%\_is175156.ini
- <SYSTEM32>\botatsrv.dll
- %TEMP%\UUU2.tmp
- %TEMP%\UUU1.tmp
- <SYSTEM32>\popunver32.dll
- <SYSTEM32>\resivbot.dll
- %TEMP%\UUU3.tmp
- %TEMP%\UUU3.tmp
- %TEMP%\_is175156.ini
- %TEMP%\UUU1.tmp
- %TEMP%\UUU2.tmp