Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\+viSpteLPcrt] 'Start' = '00000002'
- '%WINDIR%\Temp\ЈГЈЖДў№ЅМеСй·ю¶юЗші¬ј¶ОЮµР±дМ¬ёЁЦъBeta(101).exe'
- '%WINDIR%\Temp\ЈГЈЖДў№ЅМеСй·ю¶юЗші¬ј¶ОЮµР±дМ¬ёЁЦъBeta(101)ЎЎ.exe'
- '<SYSTEM32>\svchost.exe' -k krnlsrvc
- %TEMP%\147609_EfiProc.dll
- %WINDIR%\Temp\ЈГЈЖДў№ЅМеСй·ю¶юЗші¬ј¶ОЮµР±дМ¬ёЁЦъBeta(101)ЎЎ.exe
- %WINDIR%\Temp\ЈГЈЖДў№ЅМеСй·ю¶юЗші¬ј¶ОЮµР±дМ¬ёЁЦъBeta(101).exe
- %WINDIR%\Temp\ЈГЈЖДў№ЅМеСй·ю¶юЗші¬ј¶ОЮµР±дМ¬ёЁЦъBeta(101)ЎЎ.exe
- %TEMP%\147609_EfiProc.dll в %APPDATA%\xwrpdwx.cc3
- 'cf##.f3322.org':8080
- DNS ASK cf##.f3322.org
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'