Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 'AppInit_DLLs' = ' slaylprh.dll'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ff_vwsnm] 'Startup' = 'WlxStartupEvent'
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ff_vwsnm] 'DllName' = '<SYSTEM32>\ff_vwsnm.dll'
- <SYSTEM32>\ff_vwsnm.exe
- <SYSTEM32>\wmipdpse.exe
- <SYSTEM32>\rdpcdivx.dll
- <SYSTEM32>\ff_vwsnm.dat
- <SYSTEM32>\ff_vwsnm.dll
- <SYSTEM32>\ff_vwsnm.exe
- <SYSTEM32>\slaylprh.dll
- '67.##5.160.76':25
- DNS ASK ma##.yahoo.com
- DNS ASK ya##o.com