Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Active Setup\Installed Components\{M3A244E7-0661-R881-08WV-08S263WJR2C7}] 'StubPath' = '<SYSTEM32>\msoft\msoft.exe Restart'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'msoft' = ''
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'msoft' = ''
- %APPDATA%\msoft.exe
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\msoft\msoft.dat
- <SYSTEM32>\msoft\msoft.exe
- %APPDATA%\msoft.exe
- <SYSTEM32>\msoft\msoft.dat
- <SYSTEM32>\msoft\msoft.exe
- '??.##caldomain':1035
- 'yu####ost.no-ip.org':1035
- DNS ASK њ.###ldomain
- DNS ASK yu####ost.no-ip.org
- ClassName: 'Indicator' WindowName: ''