Техническая информация
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'svohost.exe' = '<SYSTEM32>\svohost.exe'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'svohost.exe' = '<SYSTEM32>\svohost.exe'
- <SYSTEM32>\svohost.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\1303991183[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\1304200714[1]
- <SYSTEM32>\svohost.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\1302121928[1]
- <SYSTEM32>\svohost.exe
- 'bg##p.net':80
- 'localhost':1037
- bg##p.net/in.php/1304200714
- bg##p.net/in.php/1303991183
- bg##p.net/in.php/1302121928
- DNS ASK bg##p.net
- '<IP-адрес в локальной сети>':1038
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''