Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'svchost.exe (Debug mode)' = '<SYSTEM32>\svchost.exe:debug.exe'
- <SYSTEM32>\svchost.exe:debug.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\response[1].asp
- <SYSTEM32>\dllcache\svchost.exe.new
- <SYSTEM32>\svchost.exe:debug.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\dsg[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\response[1].asp
- 'localhost':1045
- 'au##.#earch.msn.com':80
- 'localhost':1038
- 'co#####or.firstweb.hu':80
- co#####or.firstweb.hu/post.php
- co#####or.firstweb.hu/lister.php
- au##.#earch.msn.com/response.asp?MT###########################
- co#####or.firstweb.hu/mail.txt
- co#####or.firstweb.hu/update.txt
- co#####or.firstweb.hu/dsg.html
- co#####or.firstweb.hu/get.txt
- DNS ASK au##.#earch.msn.com
- DNS ASK co#####or.firstweb.hu
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''