Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Pqrstu Wxyabcde Ghi] 'Start' = '00000002'
- '%WINDIR%\Temp\svchost.exe' -k iickie
- '<SYSTEM32>\wscript.exe' "C:\8661.vbs"
- C:\8661.vbs
- %WINDIR%\Temp\svchost.exe
- C:\8661.vbs
- 'vi####aron.xicp.net':8888
- DNS ASK vi####aron.xicp.net