Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'net64' = '%WINDIR%\svhoster.exe'
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\exx[1].php
- %WINDIR%\svhoster.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\exx[1].php
- 'in###lspa.com':80
- 'localhost':1035
- in###lspa.com/s/exx.php
- DNS ASK th###alabc.com
- DNS ASK gr###tab.org
- DNS ASK to##xt.com
- DNS ASK co###erbest.com
- DNS ASK yo###opline.com
- DNS ASK mo###xtra.com
- DNS ASK yo###eekerz.com
- DNS ASK in###lspa.com
- DNS ASK es###anete.com
- DNS ASK ad####kworld.com
- DNS ASK es###rtuel.com
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''