Техническая информация
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'shell' = '<SYSTEM32>\config\systemprofile\Application Data\msconfig.ini,explorer.exe'
- [<HKCU>\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] 'shell' = '%APPDATA%\msconfig.ini,explorer.exe'
- <SYSTEM32>\svchost.exe
- <SYSTEM32>\svchost.exe
- %APPDATA%\msconfig.ini
- <SYSTEM32>\config\systemprofile\Application Data\msconfig.ini
- %WINDIR%\abw.knm
- %WINDIR%\lnijt.tmm
- 'lv####temsinfos.org':80
- DNS ASK de##xk.net
- DNS ASK pn##see.com
- DNS ASK ra#####weonearch.com
- DNS ASK microsoft.com
- DNS ASK lv####temsinfos.org