Техническая информация
- <SYSTEM32>\winlogon.exe
- %ALLUSERSPROFILE%\Application Data\DYA_OLOESQKDGACCBQFPP\1.0.0:$SS_DESCRIPTOR_SBXNV9VVGV1BFMKHWP4X5SW46XMTJKFBF5PT3WFFSPF7VB4VPJGV
- %ALLUSERSPROFILE%\Desktop:$SS_DESCRIPTOR_SBXNV9VVGV1BFMKHWP4X5SW46XMTJKFBF5PT3WFFSPF7VB4VPJGV
- %APPDATA%\DYA_OLOESQKDGACCBQFPP\1.0.0\Data\dya.dat
- %ALLUSERSPROFILE%\Application Data\DYA_OLOESQKDGACCBQFPP\1.0.0\Data\app.dat
- %ALLUSERSPROFILE%\Application Data\DYA_OLOESQKDGACCBQFPP\1.0.0\Data\updates.dat
- 'go#d.gd':80
- 'ha#######d.csonlinechina.com':80
- go#d.gd/1735621.htm
- ha#######d.csonlinechina.com/ahn.ui
- DNS ASK go#d.gd
- DNS ASK ha#######d.csonlinechina.com
- '<IP-адрес в локальной сети>':1036
- ClassName: 'Shell_TrayWnd' WindowName: ''