Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\services\Avt-Net] 'Start' = '00000002'
- '%PROGRAM_FILES%\840096360.exe'
- '<SYSTEM32>\svchost.exe' -k Avt-Net
- <SYSTEM32>\svcnet32.dll
- <SYSTEM32>\config\systemprofile\Documents\desktop.ini
- %PROGRAM_FILES%\840096360.exe
- %PROGRAM_FILES%\syslass.cpl
- <SYSTEM32>\svcnet32.dll
- <SYSTEM32>\config\systemprofile\Documents\desktop.ini
- %PROGRAM_FILES%\syslass.cpl
- %PROGRAM_FILES%\840096360.exe
- <SYSTEM32>\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XNAY37RJ\IDR_XML_DEFAULT_TRANSFORM[1]
- 'www.mi####ryfocus.net':99
- '20#.#6.232.182':80
- 20#.#6.232.182/
- DNS ASK dn#.##ftncsi.com
- DNS ASK www.mi####ryfocus.net
- DNS ASK www.microsoft.com