Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'shell' = 'explorer.exe,%APPDATA%\skype.dat'
- '<SYSTEM32>\svchost.exe'
- <SYSTEM32>\svchost.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\nn-rpfa_auxf-jwbh-eyvt-tueg-llkbrg-igrnkqwilmsdte-iixvdkvpaw_yvpi-mpyhdrougszv-lzclbtehnliivqwb[1].php
- %APPDATA%\skype.ini
- %APPDATA%\skype.dat
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\xyawrkowpvpztu-rnow-gbxpfqnwihabnlfpnn-bioa-egfp-noohcubijg-bqkd-ohyq_ityn_xypqga-pvejrdmyoxjh[1].php
- 'vf##c.ru':80
- 'dm##f.net':80
- vf##c.ru/nn-rpfa_auxf-jwbh-eyvt-tueg-llkbrg-igrnkqwilmsdte-iixvdkvpaw_yvpi-mpyhdrougszv-lzclbtehnliivqwb.php
- dm##f.net/xyawrkowpvpztu-rnow-gbxpfqnwihabnlfpnn-bioa-egfp-noohcubijg-bqkd-ohyq_ityn_xypqga-pvejrdmyoxjh.php
- DNS ASK vf##c.ru
- DNS ASK dm##f.net