Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] '' = '%WINDIR%\system\SVCH0ST.exe'
- %WINDIR%\system\SVCH0ST.exe
- %WINDIR%\regedit.exe /s r.reg
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\in-6mqxmq[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\time[1].html
- %WINDIR%\system\r.reg
- %WINDIR%\system\SVCH0ST.exe
- %WINDIR%\system\MSINET.OCX
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\in-6mqxmq[1].html
- 'www.55##.com':80
- 'localhost':1037
- www.55##.com/1/time.html
- www.55##.com/1/in-6mqxmq.html
- DNS ASK www.55##.com
- ClassName: 'RegEdit_RegEdit' WindowName: ''