Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\ANMRhbz] 'Start' = '00000002'
- %PROGRAM_FILES%\YOXQ\PwByN.exe
- iexplore.exe
- %PROGRAM_FILES%\YOXQ\PwByN.exe
- %WINDIR%\windns.ini
- %PROGRAM_FILES%\YOXQ\jKAjwM.dll
- 'sh####ue27.3322.org':2600
- DNS ASK sh####ue27.3322.org
- ClassName: 'MS_WINHELP' WindowName: ''