Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Reg Server' = 'regsrv.exe'
- <SYSTEM32>\regsrv.exe
- ClassName: 'OLLYDBG' WindowName: ''
- <SYSTEM32>\regsrv.exe
- <SYSTEM32>\regsrv.exe
- 'i1#########1li1li1lji1l.moonlines.biz':1750
- DNS ASK i1#########1li1li1lji1l.moonlines.biz
- ClassName: 'WispWindowClass' WindowName: ''