Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\os] 'Start' = '00000002'
- <SYSTEM32>\svchost.exe -k netsvcs
- <SYSTEM32>\reg.exe ADD HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\os\Parameters /v ServiceDll /t REG_EXPAND_SZ /d "<SYSTEM32>\office.dll"
- <SYSTEM32>\office.dll
- 'mz##.6600.org':8080
- DNS ASK mz##.6600.org