Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Windows] 'run' = 'c:\pvzngyxqh\start.lnk'
- %ALLUSERSPROFILE%\Start Menu\Programs\Startup\start.lnk
- 'C:\pvzngyxqh\csrss.exe' "c:\pvzngyxqh\mydll.dll",InitSkin
- C:\pvzngyxqh\start.lnk
- C:\pvzngyxqh\csrss.exe
- C:\pvzngyxqh\mydll.dll
- 'v1.#6yf.com':8086
- '98.##6.0.219':3201
- '98.##6.0.218':805
- DNS ASK v1.#6yf.com