Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\windowspplive] 'Start' = '00000002'
- %WINDIR%\RemoteAbc.exe
- %TEMP%\40414246.tmp
- %TEMP%\1.exe
- %TEMP%\zxfly_8k8e.exe
- %TEMP%\1.exe
- '50####763.3322.org':8000
- DNS ASK 50####763.3322.org
- ClassName: 'Afx:400000:0' WindowName: ''
- ClassName: 'Button' WindowName: '????????????'
- ClassName: '' WindowName: 'Element Client'
- ClassName: 'Shell_TrayWnd' WindowName: ''