Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'System Microsoft Activator' = '%WINDIR%\msactsy.exe'
- %WINDIR%\qpcksm.erd
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\uz[1].php
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\uz[1].php
- %WINDIR%\msactsy.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\uz[1].php
- %WINDIR%\qpcksm.rdd
- %WINDIR%\qpcksm.erd
- %WINDIR%\qpcksm.rdd
- 'no##ox.com':80
- 'localhost':1035
- no##ox.com/z/uz.php?ss#########################
- DNS ASK no##ox.com
- '<IP-адрес в локальной сети>':1036
- ClassName: 'Shell_TrayWnd' WindowName: ''