Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'winlogon' = '%APPDATA%\windowsupdate\svchost.exe'
- [<HKLM>\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] '%HOMEPATH%\Local Settings\Temp0.exe' = '%HOMEPATH%\Local Settings\Temp0.exe:*:Enabled:0'
- '%TEMP%\0'
- %APPDATA%\MSWINSCK.OCX
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\MSWINSCK[1].OCX
- %TEMP%\0
- %TEMP%\0
- 'www.as###tive.com':80
- 'localhost':1038
- 'vv#.#o-ip.info':3100
- www.as###tive.com/support/new/images/lib/MSWINSCK.OCX
- DNS ASK www.as###tive.com
- DNS ASK vv#.#o-ip.info
- ClassName: 'Indicator' WindowName: '(null)'