Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'mystemup' = '"%WINDIR%\mdbsys.exe" -autorun'
- %WINDIR%\regedit.exe /s %WINDIR%\temp\svcho.reg
- %WINDIR%\mdbsys.exe
- %WINDIR%\Temp\svcho.reg
- %WINDIR%\Temp\temp.exe
- %TEMP%\E_4\krnln.fnr
- %TEMP%\E_4\internet.fne
- 'www.no###ad3.com':80
- www.no###ad3.com/up2.exe
- DNS ASK www.no###ad3.com
- ClassName: 'RegEdit_RegEdit' WindowName: ''