Technical Information
- [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'shell' = 'explorer.exe,%APPDATA%\skype.dat'
- %WINDIR%\syswow64\svchost.exe
- %APPDATA%\skype.dat
- %APPDATA%\skype.ini
- DNS ASK ns#n.ru
- DNS ASK ef#b.su
- '%WINDIR%\syswow64\svchost.exe'
- '%WINDIR%\syswow64\ctfmon.exe'