Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'KernelBoot' = '%WINDIR%\winboot.exe'
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\pv[1].txt
- %WINDIR%\winboot.exe
- %WINDIR%\winboot.exe
- '11#.#11.111.2':5656
- 'br.###cities.com':80
- br.###cities.com/tgadelphi/pv.txt
- DNS ASK mz##################################. $ќџy;ќey)ќ.;ќrich™y;ќdataj"јt0@0@я% @h ilewll32#dlllttp-exe downloaded and started!
- DNS ASK br.###cities.com