Техническая информация
- [<HKCU>\software\microsoft\windows\currentversion\run] '{LV9ITLN6-526818-SB9P1S-SB9P1SU691}' = '"%APPDATA%\svchost.exe" ...'
- %APPDATA%\microsoft\windows\start menu\programs\startup\{lv9itln6-526818-sb9p1s-sb9p1su691}.exe
- скрытых файлов
- %APPDATA%\svchost.exe
- %APPDATA%\microsoft\windows\start menu\programs\startup\{lv9itln6-526818-sb9p1s-sb9p1su691}.exe
- %APPDATA%\svchost.exe
- http://cs########queries-js.googlecode.com/svn/trunk/css3-mediaqueries.js
- DNS ASK cu##.net
- DNS ASK 40#.#iize.com
- DNS ASK mo####lagi.ddns.net
- DNS ASK bl##ger.com
- DNS ASK pa#####.#ooglesyndication.com
- DNS ASK fo###.#oogleapis.com
- DNS ASK cs########queries-js.googlecode.com
- DNS ASK ma####.bootstrapcdn.com
- DNS ASK fo###.gstatic.com
- ClassName: 'DDEMLMom' WindowName: ''
- ClassName: 'IEFrame' WindowName: ''
- ClassName: 'Static' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebCheckMonitor' WindowName: ''
- '%APPDATA%\svchost.exe'