Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows OverClock' = '%WINDIR%\tempir.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Windows Uptade' = '%WINDIR%\lisk.exe'
- '%WINDIR%\lisk.exe'
- '%WINDIR%\tempir.exe'
- C:\vict.txt
- %WINDIR%\putz.txt
- %WINDIR%\tempir.exe
- %WINDIR%\lisk.exe
- %TEMP%\aut1.tmp
- C:\vict.txt
- %TEMP%\aut1.tmp
- 'ft#.#pg.com.br':21
- DNS ASK ft#.#pg.com.br
- ClassName: 'Shell_TrayWnd' WindowName: ''